Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Jul 06, 2012 04:17 PM by shapper
Aug 08, 2008 07:59 PM|LINK
Right now, when a user signs in and then they exit the site or close the browser, they are logged out. I'd like them to stay logged in (or at least for a significant amount of time) until they click the sign out button. I'm not sure how to implement this
I should mention I'm using forms authentication and all the ASP.NET built in stuff
Aug 08, 2008 08:27 PM|LINK
try increasing the the timeout value in web.config..
Aug 08, 2008 08:35 PM|LINK
One more thing use Pesistent auth cookie
Aug 08, 2008 10:05 PM|LINK
Write it to the database when they log in.And update the database when they signout.If the user is not active for a log time just update the database and logout him
by a sql job
Aug 12, 2008 04:34 AM|LINK
I suggest to use " System.Web.Security.FormsAuthentication.RedirectFromLoginPage" method to save the users status when the users login the website until they sign out.
Please refer to the following link below for more information about "FormsAuthentication.RedirectFromLoginPage" method.
And we could use "System.Web.Security.FormsAuthentication.SignOut()" method to sign out.
I look forward to receiving your test results.
Jul 06, 2012 04:17 PM|LINK
I see. At the moment on the MVC action when the user validates I do the following:
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
String hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
cookie.Expires = ticket.Expiration;
So if the user chooses "keep me signed in" I just increase the time on the ticket. For example:
But I think persistent should always be or not?
Unless I want the user to sign in at each page refresh ...
Am I thinking this wrong?