我将自定义成员资格提供程序用于我的网站。并使用以下代码进行登录:
private User SetupFormsAuthTicket(string userName, bool persistanceFlag)
{
User user;
UsersContext usersContext = new UsersContext();
user = usersContext.GetUser(userName);
var userId = user.UserId;
var userData = userId.ToString(CultureInfo.InvariantCulture);
var authTicket = new FormsAuthenticationTicket(1, //version
userName, // user name
DateTime.Now, //creation
DateTime.Now.AddMinutes(30), //Expiration
persistanceFlag, //Persistent
userData);
var encTicket = FormsAuthentication.Encrypt(authTicket);
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
return user;
}
但是我在浏览器中检查cookie,只是保存了ASPXAUTH而没有保存ASP.NET_SessionId
我想保存ASP.NET_SessionId,但persistanceFlag为true。
如果要保留身份验证票证,则需要显式设置cookie过期与身份验证票证过期相同。
....
var encTicket = FormsAuthentication.Encrypt(authTicket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
if (authTicket.IsPersistent)
{
cookie.Expires = authTicket.Expiration;
}
Response.Cookies.Add(cookie);
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句