<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"><head runat="server"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <title></title></head><body> <form id="form1" runat="server"> <div> <asp:TextBox runat="server" ID="txtUserId"></asp:TextBox> <asp:Button runat="server" ID="btnLogin" Text="Login" OnClick="btnLogin_OnClick"/> </div> </form></body></html>
Login.aspx.csprotected void btnLogin_OnClick(object sender, EventArgs e)
{
FormsAuthentication.RedirectFromLoginPage(txtUserId.Text,false);
}
1.2.建立 Default.aspx (列出 Ticket 相關資訊,並更新 Ticket 的過期時間)<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"><head runat="server"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <title></title></head><body> <form id="form1" runat="server"> <div> <asp:ListBox ID="lsIdentityInfos" runat="server"></asp:ListBox> <hr/> <asp:Button runat="server" ID="btnAddIdentity" Text="Add Identity Info" OnClick="btnAddIdentity_OnClick"/> </div> </form></body></html>
Default.aspx.cspublic partial class Default : System.Web.UI.Page{
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
FormsAuthenticationTicketInfo();
}
protected void btnAddIdentity_OnClick(object sender, EventArgs e)
{
FormsAuthenticationTicketInfo();
}
void FormsAuthenticationTicketInfo()
{
var identityInfos = new StringBuilder();
FormsAuthenticationTicket ticket = ((FormsIdentity)Context.User.Identity).Ticket;
var timeoutValue = (TimeSpan)(ticket.Expiration - ticket.IssueDate);
identityInfos.AppendLine($"Timeout:{timeoutValue}");
identityInfos.AppendLine($",IssueDate:{ticket.IssueDate.ToString("hh:mm:ss", null)}, Expiration:{ticket.Expiration.ToString("hh:mm:ss", null)}");
var now = DateTime.Now;
identityInfos.AppendLine($",Now:{now.ToString("hh:mm:ss", null)}");
//var span = now - ticket.IssueDate; //var span2 = ticket.Expiration - now; //identityInfos.AppendLine($"now - ticket.IssueDate:{span}, Expiration - now:{span2}"); lsIdentityInfos.Items.Add(identityInfos.ToString());
//var newTicket = FormsAuthentication.RenewTicketIfOld(ticket); //Response.Write($"{newTicket.Expiration.ToString("hh:mm:ss", null)}"); }
protected override void OnPreRender(EventArgs e)
{
base.OnPreRender(e);
if (Request.IsAuthenticated && Context.User.Identity is FormsIdentity)
{
//原本的 Ticket var orgTicket = ((FormsIdentity)Context.User.Identity).Ticket;
//取出 Timeout 的值 var timeoutValue = (TimeSpan)(orgTicket.Expiration - orgTicket.IssueDate);
var now = DateTime.Now;
//重新再計算新的過期時間 var newExpiration = now + timeoutValue;
//建立一個新的 Ticket var newTicket = new FormsAuthenticationTicket(orgTicket.Version, orgTicket.Name, now, newExpiration, orgTicket.IsPersistent, orgTicket.UserData);
if (newTicket.Expiration > orgTicket.Expiration)
{
// 建立 FormsAuthentication Cookie HttpCookie objCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(newTicket));
// 蓋掉舊的 Cookie Response.Cookies.Add(objCookie);
}
}
}
}
註:我是在 Page 的 OnPreRender 去更新過期時間,您也可以將它放在 底層 Class 中,或是在 Global.asax 的 Application_AuthenticateRequest 中哦!<authentication mode="Forms"> <forms loginUrl="login.aspx" name=".rmau"
slidingExpiration="true"
timeout="4" /></authentication><authorization> <deny users="?"/></authorization>
當每次 Request Server 後,都會重新設定 Ticket 的過期時間哦! 如下,