I have the following code in my Startup.cs
services.AddIdentity<MasterUser, IdentityRole>(config =>
{
config.User.RequireUniqueEmail = true;
config.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/Authentication/Login");
config.Cookies.ApplicationCookie.LoginPath = new PathString("/Authentication/Login");
config.Cookies.ApplicationCookie.LogoutPath = new PathString("/Authentication/Login");
config.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(36500);
config.Cookies.ApplicationCookie.SlidingExpiration = true;
})
.AddUserManager<MasterUserIdentityManager>()
.AddUserStore<MasterUserIdentityClaimStore>()
.AddEntityFrameworkStores<MasterDatabaseContext>();
The ExpireTimeSpan is set to 100 years while the SlidingExpiration is set to true but the application signs out the authenticated user after about 35 minutes, even when they are active. It is as if these settings are not applied for some reason.
Think you may need to set SecurityStampValidationInterval too
config.SecurityStampValidationInterval = TimeSpan.FromDays(36500);;