Reputation: 2346
Session that never expires like on stackoverflow.com, unless the user clicks logout
I am building a asp.net mvc application. I want session to never expire, once the user login, unless the user clicks on logout.
Whats the best way of doing it?
I have used
FormsAuthentication.SetAuthCookie(userName, createPersistentCookie);
and set createPersistentCookie to true, but still I get logged out after sometime.
Upvotes: 3
Views: 2112
Answers (2)
Reputation: 76021
Implement sliding expiration. Leave the expiration time to some reasonable value - day, two, week max; renew the cookie on each request (simplest) or at certain intervals.
Upvotes: 6
Reputation: 28064
FormsAuthentication cookies use the timeout value to determine expiration. The createPersistentCookie flag just tells the API to set an expires value, rather than allowing the cookie to expire when the browser is closed. To prevent expiration, increase the forms authentication timeout value in the web.config. That value is in minutes, so to force the cookie to last one year, use 525600.
Upvotes: 1
Related Questions
- Stop session from expiring when browser closes in MVC
- Log a user off when ASP.NET MVC Session expires
- Detect Session Expiry in Asp.Net MVC 5 Razor Application
- ASP MVC 3: Is there a way to have an object in session expire after the user leaves the view?
- Session Expire in MVC
- MVC session expires - continue where left
- How to expire a session when the system sits idle in asp.net mvc3
- Make Session expire
- Keep session alive forever as stackoverflow
- How do I force expiration of an ASP.Net session when a user leaves the site?