I have 2 ASP.NET Core MVC apps running on difference ports on one IP (for example App1: 192.168.0.1:8000 and App2: 192.168.0.1:8001).
After logging in to App1 and then logging in to App2, App1 will create a new SessionId for the next request, so it can't get the old session for auth data.
I am setting it up like this in startup.cs
public void ConfigureServices(IServiceCollection services)
{
....
services.Configure<CookiePolicyOptions>(options =>
{
options.CheckConsentNeeded = context => true;
options.MinimumSameSitePolicy = SameSiteMode.None;
});
....
services.AddDistributedMemoryCache();
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromMinutes(60);
options.Cookie.HttpOnly = true;
options.Cookie.IsEssential = true;
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
....
app.UseCookiePolicy();
app.UseSession();
....
}
Found out that I didn't set the cookie name for each App, so it's overwrite each other cookie like @GordonKhanhNg. have just said.
services.AddSession(options => {
....
options.Cookie.Name = ".App1.Session";
....
});