8

I use ASP.NET Identity .. I want to set session timeout to unlimited or max value. I've tried something but it doesn't effect. Note: I use shared hosting. Thank you.

//web.config
<system.web>
<customErrors mode="Off" />
<httpRuntime targetFramework="4.5" />
<authentication mode="Forms" />
<sessionState timeout="500000" />
</system.web>

//asp.identiyt config 
public void ConfigureAuth(IAppBuilder app)
{
    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        ExpireTimeSpan = TimeSpan.FromDays(365),
        LoginPath = new PathString("/user/login"),
        Provider = new CookieAuthenticationProvider
        {
            OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser, int>
                (
                     validateInterval: TimeSpan.FromDays(365),
                     regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager),
                     getUserIdCallback: (id) => (Int32.Parse(id.GetUserId()))
                )
        }
    });
}
Yargicx
  • 1,704
  • 3
  • 16
  • 36
  • 1
    Note that Session and the identity login aren't necessarily the same thing. Also; trying to keep sessions "forever" is a really, really bad idea. And pretty much impossible. – Andrew Barber Nov 19 '14 at 21:55
  • 1
    okay. i want to one week for example for timeout? – Yargicx Nov 19 '14 at 22:00

1 Answers1

7
public void ConfigureAuth(IAppBuilder app)
{            
    var sessionTimeout = 20; // 

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        ExpireTimeSpan = TimeSpan.FromSeconds(30),
    });
}
Unihedron
  • 10,902
  • 13
  • 62
  • 72
Karthik Devarajan
  • 115
  • 6
  • 1
    How does this meet the "unlimited or max value" requirement? – Andrew Barber Nov 20 '14 at 14:05
  • You can't set session time out to unlimited but u can set timeout as per your requirment in web config – Karthik Devarajan Nov 21 '14 at 05:26
  • 2
    *"You can't set the session time out to unlimited"* **That** would have been valid and related information to include. What you posted was just another way to try what the OP was already trying, that wasn't doing what they wanted. – Andrew Barber Nov 21 '14 at 15:10
  • this is the best answer, at least as close as one can get to "unlimited". Specifically you set the ExpireTimeSpan to something like the following: ExpireTimeSpan = TimeSpan.FromDays(45) which will allow the cookie to be valid fro 45 days – mknopf Nov 01 '19 at 22:41