c# - "Remember Me"在服务器上不工作

Question

我正在实现“记住我”功能，我希望用户不必再次输入登录名/密码。

它似乎在本地工作，但在共享主机中，它持续大约 15 分钟然后注销。这是代码:

控制者:

FormsAuthentication.SetAuthCookie("username", true);

Web.config:

<authentication mode="Forms" >
    <forms loginUrl="~/Account/LogOn" timeout="262974" cookieless="UseCookies" />
</authentication>
<sessionState mode="InProc" timeout="262974" cookieless="UseCookies" />

编辑

我已经添加了 sessionState，但仍然是同样的问题，在本地工作，不在服务器上？

我错过了什么？

Answer 1

查看 sessionstate web.config 中的元素。例如:

<sessionState mode="InProc" timeout="60" />

查看以下 SO 问题以了解 sessionstate 之间的差异元素和 forms web.config 中的元素: Differences in forms auth timeout and session timeout

accepted answer通过 @womp说明如下:

A session starts every time a new user hits the website, regardless of whether or not they are anonymous. Authentication has very little to do with Session.

Authentication timeout is the amount of time that the authentication cookie is good for on the user's browser. Once the cookie expires, they must re-authenticate to access protected resources on the site.

So, if Session times out before the Authentication cookie - they are still authenticated, but all their session variables disappear, and may cause errors in your website if you are not disciplined in checking for nulls and other conditions brought about by missing session.

If Authentication times out before the session, then all their session variables will still exist, but they won't be able to access protected resources until they log back in again.