问题
I have introduced an audit table to store user login data (including auth-token) upon sign in/sign out and reading user status on each request to eliminate the asp.net cookie replay security issue.
This causes an increase in time taken for each request causing performance issues.
What are some other ways used to mitigate cookie replay attacks in asp.net?
来源:https://stackoverflow.com/questions/46522399/asp-net-cookie-replay-fix-without-storing-auth-token-in-server