Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

my clients logouts after 30 minutes #240

Closed
1 task
Jason9n opened this issue Oct 18, 2024 · 5 comments
Closed
1 task

my clients logouts after 30 minutes #240

Jason9n opened this issue Oct 18, 2024 · 5 comments
Labels
bug This issue is a bug. module/cog-id-provider p2 This is a standard priority issue response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.

Comments

@Jason9n
Copy link

Jason9n commented Oct 18, 2024
edited
Loading

Describe the bug

Hi
I have a big problem with identity After logging, I stay login only for 30 minutes.
in my windows (localhost) it will works perfectly fine but when i publish the project and upload it on the host this problem will shows up

I'm using Identity in my project

AppDb:
public class AppDb : IdentityDbContext<AppUser, IdentityRole, string> { ..... }

AppUser:

public class AppUser : IdentityUser
{

       [ProtectedPersonalData]
       public virtual string Firstname { get; set; } = string.Empty;

       [ProtectedPersonalData]
       public virtual string Lastname { get; set; } = string.Empty;

}

and I've created a simple login

Login Code :

await _signInManager.SignInAsync(user, true, default); (I even tried with password signin but no result)

after 30 minutes its will logout but the cookie will remain
no matter what settings I use in the Program.cs it always logouts after 30 minutes
i found some related topics on github , but it should be fixed from asp core 2.2, why i have this problem on .NET 8

Program.cs:

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddDbContext<AppDb>(options =>
    options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection")));

builder.Services.AddIdentity<AppUser, IdentityRole>()
                        .AddEntityFrameworkStores<AppDb>()
                        .AddDefaultTokenProviders(); 

builder.Services.ConfigureApplicationCookie(options =>
{
    options.AccessDeniedPath = "/Main/NotFound";
    options.LoginPath = "/Account/Entering";
    options.LogoutPath = "/Account/Logout";
    options.Cookie.HttpOnly = true;
    options.ExpireTimeSpan = TimeSpan.FromDays(30);
    options.SlidingExpiration = true;
});

even i tried this code on program.cs but no result:

builder.Services.Configure<SecurityStampValidatorOptions>(
    o => o.ValidationInterval = TimeSpan.FromDays(1));

And Again : in my windows (localhost) it will works perfectly fine but when i publish the project and upload it on the host this problem will shows up

Any help would be appreciated
sorry about my english

Regression Issue

  • Select this option if this issue appears to be a regression.

Expected Behavior

stay logedin morethan 20 days

Current Behavior

no errors, at least i didnt get error

Reproduction Steps

Login Code:

 [HttpPost]
 [ValidateAntiForgeryToken]
 [AutoValidateAntiforgeryToken]
 public async Task<IActionResult> SendSmsCode([FromForm] MyViewModel model)
 {
            if (!ModelState.IsValid) return View();

            var user = await _userManager.Users.FirstOrDefaultAsync(u => u.PhoneNumber == model.PhoneNumber);
            if (user == null)
            {
                      ModelState.AddModelError(string.Empty, "wrong Phone Numer");
                      return View();
            }
            var SmsCode = await _userManager.GenerateChangePhoneNumberTokenAsync(user, user.PhoneNumber);
            ViewBag.SmsCode = SmsCode

            return View();
}

[HttpPost]
[ValidateAntiForgeryToken]
[AutoValidateAntiforgeryToken]
public async Task<IActionResult> ValidateCode([FromForm] MyViewModel model)
{
            if (!ModelState.IsValid) return View();

            var user = await _userManager.Users.FirstOrDefaultAsync(u => u.PhoneNumber == model.PhoneNumber);
            if (user == null)
            {
                     ModelState.AddModelError(string.Empty, "wrong Phone Numer");
                     return View();
            }

            bool result = await _userManager.VerifyChangePhoneNumberTokenAsync(user, model.SmsCode, user.PhoneNumber);

            if (!result)
            {
                ModelState.AddModelError(string.Empty, "wrong code");
                return View();
            }

            await _signInManager.SignInAsync(user, true, null);  
            /* i tried with "TwoFactorSignInAsync" instead of "SignInAsync" but no result */

            return RedirectToAction("Index", "Home");

AppDb:

public class AppDb : IdentityDbContext<AppUser, IdentityRole, string> { ..... }

AppUser:

public class AppUser : IdentityUser
{

       [ProtectedPersonalData]
       public virtual string Firstname { get; set; } = string.Empty;

       [ProtectedPersonalData]
       public virtual string Lastname { get; set; } = string.Empty;

}

Program.cs:

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddDbContext<AppDb>(options =>
    options.UseSqlServer(builder.Configuration.GetConnectionString("DefaultConnection")));

builder.Services.AddIdentity<AppUser, IdentityRole>()
                        .AddEntityFrameworkStores<AppDb>()
                        .AddDefaultTokenProviders(); 

builder.Services.ConfigureApplicationCookie(options =>
{
    options.AccessDeniedPath = "/Main/NotFound";
    options.LoginPath = "/Account/Entering";
    options.LogoutPath = "/Account/Logout";
    options.Cookie.HttpOnly = true;
    options.ExpireTimeSpan = TimeSpan.FromDays(30);
    options.SlidingExpiration = true;
});

Possible Solution

No response

Additional Information/Context

No response

AWS .NET SDK and/or Package version used

Microsoft.AspNetCore.Identity.EntityFrameworkCore 8.0.10
Microsoft.AspNetCore.Identity.UI 8.0.10
Microsoft.EntityFrameworkCore.SqlServer 8.0.10
Microsoft.EntityFrameworkCore.Tools 8.0.10

Targeted .NET Platform

.NET 8

Operating System and version

Windows 10
@Jason9n Jason9n added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Oct 18, 2024
@github-actions github-actions bot added potential-regression Marking this issue as a potential regression to be checked by team member and removed potential-regression Marking this issue as a potential regression to be checked by team member labels Oct 18, 2024
@ashishdhingra
Copy link
Contributor

@Jason9n Good afternoon. Could you check the token expiration settings in you Cognito UserPool app client? Refer below screenshot:
Screenshot 2024-10-18 at 2 13 25 PM

Thanks,
Ashish

@ashishdhingra ashishdhingra added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. p2 This is a standard priority issue and removed needs-triage This issue or PR still needs to be triaged. labels Oct 18, 2024
@Jason9n
Copy link
Author

Jason9n commented Oct 20, 2024

Hi there
@ashishdhingra thanks for reply
im not using cognito , what is this ? how its works?
anyway i've created my app with ASP .NET core Web App (Model-View-Controller)

is there anyway to set the tokens lifetime in Program.cs Or when users login?

@github-actions github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Oct 21, 2024
@ashishdhingra
Copy link
Contributor

Hi there @ashishdhingra thanks for reply im not using cognito , what is this ? how its works? anyway i've created my app with ASP .NET core Web App (Model-View-Controller)

is there anyway to set the tokens lifetime in Program.cs Or when users login?

@Jason9n Good morning. In case you are not using Cognito, then perhaps you opened this issue in the wrong repository. This repository is for reporting issues when using Amazon.AspNetCore.Identity.Cognito package in your ASP.NET applications for integration with Amazon Cognito service. You perhaps wanted to open issue at https://github.com/dotnet/aspnetcore/issues!

Thanks,
Ashish

@ashishdhingra ashishdhingra added the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Oct 21, 2024
@Jason9n
Copy link
Author

Jason9n commented Oct 24, 2024

Hi @ashishdhingra , thanks for replying
damn, you are right
what fool i am
sorry for bother you
thanks again

@Jason9n Jason9n closed this as completed Oct 24, 2024
@github-actions GitHub Actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This issue is a bug. module/cog-id-provider p2 This is a standard priority issue response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ashishdhingra @Jason9n