i've noticed following cookies being issued 1 year expiration:
__requestverificationtoken .aspnet.cookies .openidconnect.nonce.[guid]
if add following code, .aspnet.cookies have desired 15 minute expiration:
cookieauthenticationoptions cookieauthenticationoptions = new cookieauthenticationoptions() { provider = new cookieauthenticationprovider { onresponsesignin = (cookieresponsesignincontext context) => { context.cookieoptions.expires = datetime.utcnow.addminutes(15); } } }; app.setdefaultsigninasauthenticationtype(cookieauthenticationdefaults.authenticationtype); app.usecookieauthentication(cookieauthenticationoptions); app.useopenidconnectauthentication(openidconnectauthenticationoptions); app.usewindowsazureactivedirectorybearerauthentication(windowsazureactivedirectorybearerauthenticationoptions); however can't figure out how set similar expiration time other cookies?
Comments
Post a Comment