Stay logged in until they click sign out RSS

• • Reply
  

  Apples

  Member

  75 Points

  452 Posts

  Stay logged in until they click sign out

  Aug 08, 2008 07:59 PM|LINK

  Right now, when a user signs in and then they exit the site or close the browser, they are logged out.  I'd like them to stay logged in (or at least for a significant amount of time) until they click the sign out button.  I'm not sure how to implement this though.

  I should mention I'm using forms authentication and all the ASP.NET built in stuff
  

  • Edited by Apples on Aug 08, 2008 08:23 PM
• • Reply
  

  budugu

  All-Star

  41110 Points

  6020 Posts

  Re: Stay logged in until they click sign out

  Aug 08, 2008 08:27 PM|LINK

  try increasing the the timeout value in web.config..

  <system.web>
      <authentication mode="Forms">
            <forms timeout="70000000"/>
      </authentication>
  </system.web>

   

  Vijay Kodali || My Blog
  
  "Don't be afraid to be wrong; otherwise you'll never be right."
• • Reply
  

  budugu

  All-Star

  41110 Points

  6020 Posts

  Re: Stay logged in until they click sign out

  Aug 08, 2008 08:35 PM|LINK

  One more thing use Pesistent auth cookie

   

  FormsAuthentication.SetAuthCookie("test", true);

   
  

  Vijay Kodali || My Blog
  
  "Don't be afraid to be wrong; otherwise you'll never be right."
  • Marked as answer by Zong-Qing Li - MSFT on Aug 14, 2008 08:17 AM
• • Reply
  

  jsiddharthj

  Participant

  1039 Points

  234 Posts

  Re: Stay logged in until they click sign out

  Aug 08, 2008 10:05 PM|LINK

   Write it to the database when they log in.And update the database when they signout.If the user is not active for a log time just update the database and logout him

  by a sql job

   

  Sid heart
• • Reply
  

  Zong-Qing Li...

  All-Star

  26878 Points

  2165 Posts

  Re: Stay logged in until they click sign out

  Aug 12, 2008 04:34 AM|LINK

  Hi,

  I suggest to use " System.Web.Security.FormsAuthentication.RedirectFromLoginPage" method to save the users status when the users login the website until they sign out.

  Please refer to the following link below for more information about "FormsAuthentication.RedirectFromLoginPage" method.

  http://msdn.microsoft.com/en-us/library/ka5ffkce.aspx

   And we could use "System.Web.Security.FormsAuthentication.SignOut()" method to sign out.

   

  I look forward to receiving your test results.

   

  Sincerely,
  Zong-Qing Li
  Microsoft Online Community Support
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as
  Answer” if a marked post does not actually answer your question.
  • Edited by Zong-Qing Li - MSFT on Aug 12, 2008 04:39 AM
  • Edited by Zong-Qing Li - MSFT on Aug 12, 2008 04:41 AM
  • Marked as answer by Zong-Qing Li - MSFT on Aug 14, 2008 08:17 AM
• • Reply
  

  shapper

  Contributor

  3932 Points

  3789 Posts

  Re: Stay logged in until they click sign out

  Jul 06, 2012 04:17 PM|LINK

  I see. At the moment on the MVC action when the user validates I do the following:

  FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
    1,
    userName,
    DateTime.UtcNow,
    DateTime.UtcNow.AddMinutes(30),
    false,
    userRoles,
    FormsAuthentication.FormsCookiePath);
  
    String hash = FormsAuthentication.Encrypt(ticket);
    HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
  
    if (ticket.IsPersistent)
      cookie.Expires = ticket.Expiration;

  
  So if the user chooses "keep me signed in" I just increase the time on the ticket. For example:

  DateTime.UtcNow.AddMinutes(30)

  Becomes

  DateTime.UtcNow.AddMinutes(7000000)

  But I think persistent should always be or not?

  Unless I want the user to sign in at each page refresh ...

  Am I thinking this wrong?

  Thank You,

  Miguel