根據ASP.NET中的角色設置auth cookie超時長度

Question

我想允許管理員登錄的時間比普通用戶長。我沒有看到以編程方式或以基於角色的方式設置cookie超時的掛鉤。這是可能的ASP使用窗體身份驗證？

Answer 1

是的，你可以做到這一點。您需要手動生成身份驗證票證，而不是讓框架自動生成身份驗證票證。

根據用戶角色，您分配給故障單的失效。

This tutorial show how to generate the ticket manually.

Answer 2

片段：

 switch Role: 
    Case A: VARIABLE X = Y; BREAK; 
    CASE B: VARIABLE X = Y2; BREAK; 
    .. 

    End switch 

    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
     1, // Ticket version 
     Username.Value, // Username associated with ticket 
     DateTime.Now, // Date/time issued 
     DateTime.Now.AddMinutes(VARIABLE X), // Date/time to expire 
     true, // "true" for a persistent user cookie 
     reader.GetString(0), // User-data, in this case the roles 
     FormsAuthentication.FormsCookiePath);// Path cookie valid for 

    // Encrypt the cookie using the machine key for secure transport 
    string hash = FormsAuthentication.Encrypt(ticket); 
    HttpCookie cookie = new HttpCookie(
     FormsAuthentication.FormsCookieName, // Name of auth cookie 
     hash); // Hashed ticket 

    // Set the cookie's expiration time to the tickets expiration time 
    if (ticket.IsPersistent) cookie.Expires = ticket.Expiration; 

    Response.Cookies.Add(cookie);