How to set the cookie validateInterval in ASP.NET Core?

Question

I'm trying to set the validateInterval for an ASP.NET 5 RC1 application which makes use of ASP.NET Identity 3

I am trying to implement the code in this answer.

there are many code sample like this answer but it seems it isn't valid in ASP.NET 5 RC1

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    Provider = new CookieAuthenticationProvider
    {
        OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
            validateInterval: TimeSpan.FromMinutes(15))
    },
    ExpireTimeSpan = TimeSpan.FromMinutes(30)
});

If I try use the above code example in ASP.NET 5 RC1 I can't as

Provider is not a property of CookieAuthenticationOptions and Visual studio cannot locate CookieAuthenticationProvider in any namespace via its lightbulb options.

How do I set the validateInterval in ASP.NET 5 RC1?

Answer 1

As of ASP.NET Core 2.0 you won't be able to set SecurityStampValidationInterval when you AddIdentity.

You'll be able to set the ValidationInterval via SecurityStampValidatorOptions:

        services.Configure<SecurityStampValidatorOptions>(options =>
        {
            options.ValidationInterval = TimeSpan.FromSeconds(10);
        });

P.S: You'll have to AddIdentity first and ConfigureApplicationCookie after.

Answer 2

The validation interval is set in IdentityOptions:

services.AddIdentity<AppUser, AppRole>(options =>
{
    options.SecurityStampValidationInterval = TimeSpan.FromMinutes(15);
}

You can attach to the validation event using the CookieAuthenticationEvents:

app.UseCookieAuthentication(new CookieAuthenticationOptions()
{
    Events = new CookieAuthenticationEvents()
    {
        OnValidatePrincipal = context =>
        {
            Microsoft.AspNet.Identity.SecurityStampValidator.ValidatePrincipalAsync(context);
            return Task.FromResult(0);
        },
    },
    ExpireTimeSpan = TimeSpan.FromMinutes(30)
});