بررسی فرمت کوکیهای ASP.NET Identity
نویسنده: وحید نصیری
تاریخ: ۱۳۹۴/۰۹/۱۷ ۸:۵
آدرس: www.dntips.ir
| مطالب | ۳۶۹۴ |
| نویسندگان | ۲۷۶ |
| گروههای مطالب | ۱۰۲۴ |
| نقشههای راه | ۱۱۹ |
| دورهها | ۱۴ |
| اشتراکها | ۱۷۹۱۴ |
var cookieAuthenticationOptions = new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
CookieDomain = ".mydomain.com"
}; <machineKey validationKey="DAD9E2B0F9..." decryptionKey="ADD1C39C02..." validation="SHA1" decryption="AES" />
CookieName = "my-very-own-cookie-name"
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
ExpireTimeSpan = TimeSpan.FromHours(24.0),
}); public ActionResult LogOff()
{
AuthenticationManager.SignOut();
return RedirectToAction("Index", "Home");
} [HttpPost]
[ValidateAntiForgeryToken]
public async Task<ActionResult> LogOff()
{
var user = await UserManager.FindByNameAsync(User.Identity.Name);
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
await UserManager.UpdateSecurityStampAsync(user.Id);
return RedirectToAction("Login", "Account");
} public class MvcApplication : HttpApplication
{
public MvcApplication()
{
var wrapper = new EventHandlerTaskAsyncHelper(AuthenticateRequest);
AddOnAuthenticateRequestAsync(wrapper.BeginEventHandler, wrapper.EndEventHandler);
}
private async Task AuthenticateRequest(object sender, EventArgs e)
{
if (Context.User == null)
return;
//bla bla
if (هرچیزی که مجاز نباشد)
{
var authenticationManager = ProjectObjectFactory.Container.GetInstance<IAuthenticationManager>();
authenticationManager.SignOut
(
DefaultAuthenticationTypes.ExternalCookie,
DefaultAuthenticationTypes.ApplicationCookie
);
FormsAuthentication.SignOut();
await userService.UpdateSecurityStampAsync(userId);
}
}
} TimeSpan.FromMinutes(0)
app.CreatePerOwinContext(
() => SmObjectFactory.Container.GetInstance<IApplicationUserManager>()); app.CreatePerOwinContext(
() => SmObjectFactory.Container.GetInstance<ApplicationUserManager>()); OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(0),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager)) UserManager.CreateAsync UserManager.RemovePasswordAsync UserManager.UpdatePassword UserManager.RemoveLoginAsync UserManager.ChangePhoneNumberAsync/SetPhoneNumberAsync UserManager.SetTwoFactorEnabledAsync UserManager.SetEmailAsync