问题描述

使用AuthenticationManager SignIn与使用SignInManager PasswordSignIn / SignIn有什么区别？我有一个实现使用SignInManager和我的cookie过期设置为30天，但似乎我的网络应用程序将随机过期的30天之前的我的cookie。会使用SignInManager实现是否是这个原因？我应该使用AuthenticationManager实现吗？

What is the difference between using AuthenticationManager SignIn as opposed to using SignInManager PasswordSignIn/SignIn? I have an implementation using the SignInManager and have my cookie expiration set to 30 days however it seems my web app will randomly expire my cookies far before 30 days. Would using the SignInManager implementation be the cause of this? Should I be using the AuthenticationManager implementation instead?

开箱即用的示例代码显示了这样的登录，但我还看到了使用AuthenticationManager实现的其他示例。

The out of the box example code shows sign in like this, but I've also seen other examples that use AuthenticationManager implementation.

var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);

以下是我的启动配置。

            app.UseCookieAuthentication(new CookieAuthenticationOptions
        {
            AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
            ExpireTimeSpan = TimeSpan.FromDays(30),
            LoginPath = new PathString("/signin"),
            Provider = new CookieAuthenticationProvider
            {
                OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<AppUserManager, AppUser>(
                    validateInterval: TimeSpan.FromMinutes(30),
                    regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
            }
        });
        app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
        app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
        app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);

推荐答案

在发布身份框架2.1.0版之前，必须编写我们自己的代码，以获得双因素身份验证，帐户锁定，EmailToBeConfirmed等的结果（SignInStatus）。使用SignInManager，这被简化了，我们得到一行代码的SignInStatus。

Before release of identity framework version 2.1.0, we have to write our own code in order to get results (SignInStatus) for Two-Factor authentication, account lockout, EmailToBeConfirmed etc. With the SignInManager, this has been simplified and we get SignInStatus with one line of code.

您可以了解NuGet程序包和编译两个版本之后的检查。

You can understand this checking following NuGet packages and compering two version.

版本2.0.0： Install-Package Microsoft.AspNet.Identity.Samples -Version 2.0.0-beta1-Pre

版本2.1.0： Install-Package Microsoft.AspNet.Identity.Samples -Pre

AuthenticationManager.SignIn 是使用 SignInManager 后面以完成用户signIn进程的机制，因此 AuthenticationManager之间没有任何区别.SignIn 和 SignInManager.PasswordSignIn / SignIn 。我们可以解释 SignInManager 作为帮助类来管理所有类型的认证，如 PasswordSignIn / SignIn ， SignInOrTwoFactor 。

AuthenticationManager.SignIn is the mechanism using behind the SignInManager in order to complete user signIn process, so that there isn't any difference between AuthenticationManager.SignIn and SignInManager.PasswordSignIn/SignIn. We could explain SignInManager as a helper class to manage all types of authentication like PasswordSignIn/SignIn, SignInOrTwoFactor.

因此，Cookie的过期不依赖于您用于signIn的方法，因为所有配置在 CookieAuthenticationOptions 。

Therefore expiration of cookies not depend on the method you used for signIn as all configured in the CookieAuthenticationOptions of start up.

这篇关于ASP.NET Identity AuthenticationManager与SignInManager和cookie到期的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！