locked
How to specify an expiration time for authentication cookie in asp.net core 3.1 RRS feed

  • Question

  • User-259252065 posted

    Hi. I'm implementing asp.net core 3.1. My problem is how can I specify 15 min time for authentication cookie so after that time the user should login again to enter in the program. Here is what I have tried to do that in startup.cs but it doesn't work perfect:

     services.AddScoped<LDap.IAuthenticationService, LdapAuthenticationService>();
                services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie(options =>
                {
                    // Cookie settings
                    options.Cookie.Name = "UserLoginCookie"; // Name of cookie 
                    options.Cookie.SameSite = SameSiteMode.None;
                    options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
                    options.Cookie.HttpOnly = true;
                    options.Cookie.IsEssential = true;
                    options.ExpireTimeSpan = TimeSpan.FromMinutes(15);
    
                    options.LoginPath = "/Account/Login";
                    options.AccessDeniedPath = "/Account/UserAccessDenied";
                    options.SlidingExpiration = true;
                });

    I appreciate if anyone can tell me how to solve the issue.

    Monday, November 9, 2020 11:33 AM

All replies

  • User475983607 posted

    You're already set a sliding 15 minute timeout.  Can you explain the unexpected results?

    Monday, November 9, 2020 12:35 PM