Logging in ASP.NET Core 5

Question

I have written a project with ASP.NET Core. When I publish the project to the server, my user can not log in for more than 30 minutes, and after 30 minutes, it needs to be re-authenticated and redirected to the login page.

This is my code in the ConfigureServices method:

services.ConfigureApplicationCookie(options =>
    {
        options.Cookie.HttpOnly = false;
        options.LoginPath = "/Login";
        options.AccessDeniedPath = "/NotFound";
        options.ExpireTimeSpan = TimeSpan.FromDays(30);
        options.LogoutPath = "/SignOut";
    });

And this is in the Configure method:

app.UseAuthentication();
app.UseAuthorization();

This problem only occurs when the project is published

Answer 1

UPDATE

You can find machine key here. It will help you solve the issue.

Reason

Application generates new machine key every time when it has been restarted. So way to solve problem is to force application to use constant key.

public class Startup
{
    public Startup(IConfiguration configuration, IWebHostEnvironment env)
    {
        Configuration = configuration;
        _env = env;
    }

    public IConfiguration Configuration { get; }
    public IWebHostEnvironment _env { get; }

    // This method gets called by the runtime. Use this method to add services to the container.
    public void ConfigureServices(IServiceCollection services)
    {
                services.AddDataProtection()
                        .SetApplicationName($"my-app-{_env.EnvironmentName}")
                        .PersistKeysToFileSystem(new DirectoryInfo($@"{_env.ContentRootPath}\keys"));
                services.AddControllersWithViews();
    
    }

    // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
    ...
    }
}

---

Change FromDays to FromMinutes will help you solve the issue.

options.ExpireTimeSpan =  TimeSpan.FromMinutes(30); //TimeSpan.FromDays(30);