0

I log in using PasswordSignInAsync function like

var result = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.Remember, shouldLockout: false);

And field model.Remember (isPersistent) is false.

And in my Startup class, I have some code like

app.UseCookieAuthentication(new CookieAuthenticationOptions{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/Login"),
                Provider = new CookieAuthenticationProvider
                {
                    OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
                        validateInterval: TimeSpan.FromMinutes(30),
                        regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
                }
            });

What I would like to achieve is not only logging out the user after 30 minutes, but also after closing the browser.

Qwertyluk
  • 363
  • 3
  • 14
  • You can't. there is no reliable way to detect a browser close. – VDWWD Sep 09 '20 at 13:35
  • Can you share your code that starts the logged in session? Is the Remember flag being passed to that correctly? if it is, the cookie should be non-persistent which means it'll be deleted when the browser is closed. – Carl Sep 09 '20 at 13:42
  • In debug mode I can clearly see that Remember flag is false. Maybe there is some trouble in my browser? I am using Chrome and have already tried uncheck options like `Continue where you left off` and `Continue running background apps when Google Chrome is closed` – Qwertyluk Sep 09 '20 at 13:50
  • try this - [detect browser close](https://stackoverflow.com/questions/20853142/trying-to-detect-browser-close-event). in browser close event, you can logout. – SSD Sep 09 '20 at 14:00
  • May be dirty naive technique - What you can try is ask for a confirmation if user closes the browser. Get its event and on that event write an ajax method that calls Logout function of the Controller. – Rohan Rao Sep 09 '20 at 14:32

1 Answers1

0

Did u try clear cookie when window.unload from client side? Maybe this resolve your problem.

FBY
  • 39
  • 5