CODEWITHSUNDEEP
c#cookies.net-coreauthorizationidentityserver4
DiPix
DiPix

Reputation: 6083

IdentityServer4 automatically logout after 30 minutes

I have IdentityServer4 with Angular. Every 5 minutes the token is silent refreshed. But after 30minutes the user is automatically logged out. I was trying to set lifetime cookies somehow, without any success.

This is my current configuration:

    public void ConfigureServices(IServiceCollection services)
    {
        services.AddDbContext<AppIdentityDbContext>(options => options.UseSqlServer(Configuration.GetConnectionString("Identity")));

        services.AddIdentity<AppUser, IdentityRole>(options =>
            {
                options.Password.RequiredLength = 6;
                options.Password.RequireLowercase = false;
                options.Password.RequireUppercase = false;
                options.Password.RequireNonAlphanumeric = false;
                options.Password.RequireDigit = false;
                options.SignIn.RequireConfirmedEmail = true;
                options.User.RequireUniqueEmail = true;
                options.User.AllowedUserNameCharacters = null;
            })
            .AddEntityFrameworkStores<AppIdentityDbContext>()
            .AddDefaultTokenProviders();

        services.AddIdentityServer(options => options.Authentication.CookieLifetime = TimeSpan.FromHours(10))
            .AddDeveloperSigningCredential()
            .AddInMemoryPersistedGrants()
            .AddInMemoryIdentityResources(Config.GetIdentityResources())
            .AddInMemoryApiResources(Config.GetApiResources())
            .AddInMemoryClients(Config.GetClients(Configuration["AppUrls:ClientUrl"]))
            .AddAspNetIdentity<AppUser>();

        services.AddTransient<IProfileService, IdentityClaimsProfileService>();

        services.AddCors(options => options.AddPolicy("AllowAll", p => p.AllowAnyOrigin()
           .AllowAnyMethod()
           .AllowAnyHeader()));

        services.AddRazorPages().AddRazorRuntimeCompilation();
    }

@EDIT

If I will add

services.Configure<SecurityStampValidatorOptions>(options =>
{
    options.ValidationInterval = TimeSpan.FromHours(24);
});

Then it working fine, but I bet this is not correct solution for my issue.

@EDIT2

I found this https://github.com/IdentityModel/oidc-client-js/issues/911#issuecomment-617724445 and this helped me, but still not sure whether is proper way to solve it or it just next hack.

Upvotes: 7

Views: 2239

Answers (2)

DiPix
DiPix

Reputation: 6083

I found the solution. I was using

await HttpContext.SignInAsync(user.Id, user.UserName, props);

for signIn the user. And it was caused the problem.

After changed to:

var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberLogin, lockoutOnFailure: true);

It started working properly.

Upvotes: 2

Maytham Fahmi
Maytham Fahmi

Reputation: 33407

As far as I know this is neither Identity Server 4 nor OpenID Connect issue.

It is the logic of Asp.Net Identity cookies. This should be configurable at the Startup.cs.

You need to add following cookie configuration:

services.ConfigureApplicationCookie(o =>
{
    o.ExpireTimeSpan = TimeSpan.FromHours(24);
    o.SlidingExpiration = true;
});

This answer is inspired from following answers:

Upvotes: 5

Related Questions