我正在使用ASP.NET MVC 5的外部身份验证中间件UseGoogleAuthentication / UseExternalSignInCookie和GoogleOAuth2AuthenticationOptions。有没有办法强制用户每次用户访问网站时都必须重新向Google进行身份验证?
目前,如果用户已登录Google并且他们访问该网站,则他们无需重新向Google进行身份验证。理想情况下,分配的cookie只对他们当前在网站上的会话有用...
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
var authOptions = new GoogleOAuth2AuthenticationOptions();
authOptions.ClientId = AppSettingsHelper.GoogleClientId;
authOptions.ClientSecret = AppSettingsHelper.GoogleClientSecret;
authOptions.CallbackPath = new PathString("/account/linklogincallback");
foreach (var scope in AppSettingsHelper.GoogleOAuthScope)
{
authOptions.Scope.Add(scope);
}
app.UseGoogleAuthentication(authOptions);
答案 0 :(得分:0)
将app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
替换为app.UseCookieAuthentication(..)
并指定ExpireTimeSpan
。 UseExternalSignInCookie
只是使用某些默认值的cookie身份验证方法的帮助程序。
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ExternalCookie,
SlidingExpiration = true,
ExpireTimeSpan = new System.TimeSpan(0, 5, 0),
LoginPath = new PathString("/Account/Login")
});
请注意,我们在此使用DefaultAuthenticationTypes.ExternalCookie
而不是ApplicationCookie