根据ASP.NET中的角色设置auth cookie超时长度

时间:2022-06-20 01:39:33

I want to allow admins to be logged in for longer than normal users. I don't see a hook for setting the cookie timeout programmatically or in a role-based way. Is this possible in ASP using Forms Authentication?

我想允许管理员登录的时间比普通用户长。我没有看到用于以编程方式或基于角色的方式设置cookie超时的挂钩。在使用Forms身份验证的ASP中这是可能的吗?

2 个解决方案

#1

7  

Yes, you could do that. You would need to generate the authentication ticket manually instead of letting the framework generate it automatically.

是的,你可以这样做。您需要手动生成身份验证票证,而不是让框架自动生成它。

Depending the user role, the expiration you assign to the ticket.

根据用户角色,您分配给故障单的到期时间。

This tutorial show how to generate the ticket manually.

本教程介绍如何手动生成故障单。

#2

6  

SNIPPET:

片段:

     switch Role: 
     Case A: VARIABLE X = Y; BREAK;
     CASE B: VARIABLE X = Y2; BREAK;
     ..

     End switch

     FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1, // Ticket version
        Username.Value, // Username associated with ticket
        DateTime.Now, // Date/time issued
        DateTime.Now.AddMinutes(VARIABLE X), // Date/time to expire
        true, // "true" for a persistent user cookie
        reader.GetString(0), // User-data, in this case the roles
        FormsAuthentication.FormsCookiePath);// Path cookie valid for

     // Encrypt the cookie using the machine key for secure transport
     string hash = FormsAuthentication.Encrypt(ticket);
     HttpCookie cookie = new HttpCookie(
        FormsAuthentication.FormsCookieName, // Name of auth cookie
        hash); // Hashed ticket

     // Set the cookie's expiration time to the tickets expiration time
     if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;

     Response.Cookies.Add(cookie);

#1

7  

Yes, you could do that. You would need to generate the authentication ticket manually instead of letting the framework generate it automatically.

是的,你可以这样做。您需要手动生成身份验证票证,而不是让框架自动生成它。

Depending the user role, the expiration you assign to the ticket.

根据用户角色,您分配给故障单的到期时间。

This tutorial show how to generate the ticket manually.

本教程介绍如何手动生成故障单。

#2

6  

SNIPPET:

片段:

     switch Role: 
     Case A: VARIABLE X = Y; BREAK;
     CASE B: VARIABLE X = Y2; BREAK;
     ..

     End switch

     FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1, // Ticket version
        Username.Value, // Username associated with ticket
        DateTime.Now, // Date/time issued
        DateTime.Now.AddMinutes(VARIABLE X), // Date/time to expire
        true, // "true" for a persistent user cookie
        reader.GetString(0), // User-data, in this case the roles
        FormsAuthentication.FormsCookiePath);// Path cookie valid for

     // Encrypt the cookie using the machine key for secure transport
     string hash = FormsAuthentication.Encrypt(ticket);
     HttpCookie cookie = new HttpCookie(
        FormsAuthentication.FormsCookieName, // Name of auth cookie
        hash); // Hashed ticket

     // Set the cookie's expiration time to the tickets expiration time
     if (ticket.IsPersistent) cookie.Expires = ticket.Expiration;

     Response.Cookies.Add(cookie);
标签:

相关文章