0

I have written a project with ASP.NET Core. When I publish the project to the server, my user can not log in for more than 30 minutes, and after 30 minutes, it needs to be re-authenticated and redirected to the login page.

This is my code in the ConfigureServices method:

services.ConfigureApplicationCookie(options =>
    {
        options.Cookie.HttpOnly = false;
        options.LoginPath = "/Login";
        options.AccessDeniedPath = "/NotFound";
        options.ExpireTimeSpan = TimeSpan.FromDays(30);
        options.LogoutPath = "/SignOut";
    });

And this is in the Configure method:

app.UseAuthentication();
app.UseAuthorization();

This problem only occurs when the project is published

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Sajjad
  • 17
  • 1

1 Answers1

1

UPDATE

You can find machine key here. It will help you solve the issue.

Reason

Application generates new machine key every time when it has been restarted. So way to solve problem is to force application to use constant key.

public class Startup
{
    public Startup(IConfiguration configuration, IWebHostEnvironment env)
    {
        Configuration = configuration;
        _env = env;
    }

    public IConfiguration Configuration { get; }
    public IWebHostEnvironment _env { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
                services.AddDataProtection()
                        .SetApplicationName($"my-app-{_env.EnvironmentName}")
                        .PersistKeysToFileSystem(new DirectoryInfo($@"{_env.ContentRootPath}\keys"));
                services.AddControllersWithViews();
    
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
    ...
    }
}

Change FromDays to FromMinutes will help you solve the issue.

options.ExpireTimeSpan =  TimeSpan.FromMinutes(30); //TimeSpan.FromDays(30);
Jason Pan
  • 15,263
  • 1
  • 14
  • 29
  • 1
    I want my user to stay logged in for 30 days – Sajjad Apr 11 '22 at 10:22
  • @Sajjad I have updated my answer,if it is helpful, please accept it as answer(click on the mark option beside the reply to toggle it from greyed out to fill in.), see https://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work – Jason Pan Apr 11 '22 at 12:35