I have the following code in my Startup.cs
services.AddIdentity<MasterUser, IdentityRole>(config =>
{
config.User.RequireUniqueEmail = true;
config.Cookies.ApplicationCookie.AccessDeniedPath = new PathString("/Authentication/Login");
config.Cookies.ApplicationCookie.LoginPath = new PathString("/Authentication/Login");
config.Cookies.ApplicationCookie.LogoutPath = new PathString("/Authentication/Login");
config.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(36500);
config.Cookies.ApplicationCookie.SlidingExpiration = true;
})
.AddUserManager<MasterUserIdentityManager>()
.AddUserStore<MasterUserIdentityClaimStore>()
.AddEntityFrameworkStores<MasterDatabaseContext>();
The ExpireTimeSpan
is set to 100 years while the SlidingExpiration
is set to true but the application signs out the authenticated user after about 35 minutes, even when they are active. It is as if these settings are not applied for some reason.
Think you may need to set SecurityStampValidationInterval
too
config.SecurityStampValidationInterval = TimeSpan.FromDays(36500);;