Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Coding Asp.Net ASP.NET Identity AuthenticationManager vs. SignInManager and cookie expiration

Thread Rating:
  • 368 Vote(s) - 3.68 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
ASP.NET Identity AuthenticationManager vs. SignInManager and cookie expiration

Offline myrahst


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Feb 2017
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#1
07-23-2023, 05:52 AM
What is the difference between using AuthenticationManager SignIn as opposed to using SignInManager PasswordSignIn/SignIn? I have an implementation using the SignInManager and have my cookie expiration set to 30 days however it seems my web app will randomly expire my cookies far before 30 days. Would using the SignInManager implementation be the cause of this? Should I be using the AuthenticationManager implementation instead?

The out of the box example code shows sign in like this, but I've also seen other examples that use AuthenticationManager implementation.

var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);

Here is my startup configuration.

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
ExpireTimeSpan = TimeSpan.FromDays(30),
LoginPath = new PathString("/signin"),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<AppUserManager, AppUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
Reply

Offline meaghanndzxgrcocg


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Aug 2022
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#2
07-23-2023, 05:53 AM
Before release of identity framework version 2.1.0, we have to write our own code in order to get results (SignInStatus) for Two-Factor authentication, account lockout, EmailToBeConfirmed etc. With the SignInManager, this has been simplified and we get SignInStatus with one line of code.

You can understand this checking following NuGet packages and compering two version.

Version 2.0.0: `Install-Package Microsoft.AspNet.Identity.Samples -Version 2.0.0-beta1 -Pre`

Version 2.1.0: `Install-Package Microsoft.AspNet.Identity.Samples -Pre`

`AuthenticationManager.SignIn` is the mechanism using behind the `SignInManager` in order to complete user signIn process, so that there isn't any difference between `AuthenticationManager.SignIn` and `SignInManager.PasswordSignIn/SignIn`. We could explain `SignInManager` as a helper class to manage all types of authentication like `PasswordSignIn`/`SignIn`, `SignInOrTwoFactor`.

Therefore expiration of cookies not depend on the method you used for signIn as all configured in the `CookieAuthenticationOptions` of start up.
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through