Using VS2013, I create a new project -> ASP.NET Web Application -> MVC only (no WebAPI or anything else.)
A load of handy boilerplate code is created, including the expected login management stuff, using OWIN.
For the sake of simple testing, I change the CookieAuthentication options to a short timeout in Startup.Auth.cs (add ExpireTimeSpan and set validateInterval):

    app.UseCookieAuthentication(new CookieAuthenticationOptions
    {
        ExpireTimeSpan = TimeSpan.FromMinutes(2),
        AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
        LoginPath = new PathString("/Account/Login"),
        Provider = new CookieAuthenticationProvider
        {
            // Enables the application to validate the security stamp when the user logs in.
            // This is a security feature which is used when you change a password or add an external login to your account.
            OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                validateInterval: TimeSpan.FromMinutes(1),
                regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
        }
    });

Fire it up (F5, which runs locally with IISExpress and uses LocalDB), register and wait two minutes. Click the 'Hello, [username]!' link at the top (which invokes an [Authorize]d controller method.) Logged out as expected.
Log in again with 'Remember me' checked. Wait two minutes. Click same link. Logged out again! Why is this? I expected an indefinite login. Have I misunderstood what this does?
My System.Web.Mvc.dll has version number 5.2.3-30128.0.