gpt4 book ai didi

asp.net-mvc - 我们可以个性化 ASP.NET MVC 5 中角色的 session 超时吗

转载 作者:行者123 更新时间:2023-12-03 19:02:32 25 4
gpt4 key购买 nike

这个想法是为 session 超时设置不同的值
ASP.NET MVC 5 和 ASP.NET Identity 中的不同用户角色。

有可能吗?

最佳答案

如果您试图比普通用户更快地启动管理员,这是我在 Identity 中的 stub 。

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
// other stuff
Provider = new CookieAuthenticationProvider
{
// this function is executed every http request and executed very early in the pipeline
// and here you have access to cookie properties and other low-level stuff.
// makes sense to have the invalidation here
OnValidateIdentity = async context =>
{
// invalidate user cookie if user's security stamp have changed
var invalidateBySecirityStamp = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager));
await invalidateBySecirityStamp.Invoke(context);

// check if user is in admin role
var isAdmin = context.Identity.Claims.Any(c => c.Type == ClaimTypes.Role && c.Value == "AdminRoleName");

// check if enough time has passed to invalidate cookie
var currentUtc = DateTimeOffset.UtcNow;
if (context.Options != null && context.Options.SystemClock != null)
{
currentUtc = context.Options.SystemClock.UtcNow;
}

var issuedUtc = context.Properties.IssuedUtc;
var bootThemOut = (issuedUtc == null);
if (issuedUtc != null)
{
var timeElapsed = currentUtc.Subtract(issuedUtc.Value);
bootThemOut = timeElapsed > TimeSpan.FromMinutes(3); // invalidate admin cookies in 3 minutes
}

if (isAdmin && bootThemOut)
{
context.RejectIdentity();
context.OwinContext.Authentication.SignOut(context.Options.AuthenticationType);
}
}
}
});

关于asp.net-mvc - 我们可以个性化 ASP.NET MVC 5 中角色的 session 超时吗,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26466780/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com