How to extend AuthCookie expiration time when page refresh is refreshed?

Question

I set an AuthCookie in Login Action Method like this

FormsAuthentication.SetAuthCookie(username,true);

and in the Global.asax file I put the refresh code, (this will be executed after each action method authentication)

protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
 string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;

 HttpCookie cookie = FormsAuthentication.GetAuthCookie(username, true);
 var ticket = FormsAuthentication.Decrypt(cookie.Value);
 var newticket = new FormsAuthenticationTicket(ticket.Version,                                                                    
 ticket.Name,ticket.IssueDate,                                       
 ticket.Expiration,true,"new user data",ticket.CookiePath);

 cookie.Value = FormsAuthentication.Encrypt(newticket);
 cookie.Expires = newticket.Expiration.AddHours(24);
 HttpContext.Current.Response.Cookies.Set(cookie);
}

But it's not working and it log out after a small period of time, although when I check that cookie with through browser settings, the expiration time was set correctly.

score 0 · Answer 1 · answered Jul 28 '17 at 12:58

probably there is a value set for the timeout of the logged user/session in Web.config', something like this:

<authentication mode="Forms">
    <forms loginUrl="~/User/Login" timeout="10" />
</authentication>

You could get some useful info about forms sessions from here: Forms authentication timeout vs sessionState timeout

How to extend AuthCookie expiration time when page refresh is refreshed?

1 Answers1