What will happen when validateInterval timeout expires? this is my authentication config
var cookieAuthOptions = new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Compte/Login"),
CookieDomain = ".rdvdoc.fr",
//si pas défini le cookie expire à la fin de la navigation, définit une durée de validité du cookie
ExpireTimeSpan = TimeSpan.FromDays(365),
//pour étendre la validité du cokie à chaque reconnexion
SlidingExpiration = true,
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the computer logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, User>(
validateInterval: TimeSpan.FromMinutes(60),
regenerateIdentity: (manager, user) => ApplicationUser.GenerateUserIdentityAsync(user, manager))
}
};
what i want to know is: after the validateidentity timeout expires, GenerateUserIdentityAsync will be called, but where does the user object fed to it come from?
thanks
The manager is fetched from the owin context and the userId from the cookie. The user is then fetched from the manager.
...
TManager manager = OwinContextExtensions.GetUserManager<TManager>(context.OwinContext);
...
TKey userId = getUserIdCallback(context.Identity);
...
TUser user = await Microsoft.AspNet.Identity.TaskExtensions.WithCurrentCulture<TUser>(manager.FindByIdAsync(userId));