How does OnValidateIdentity ASP.NET Identity work

Multi tool use
Multi tool use
The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP


How does OnValidateIdentity ASP.NET Identity work



I'm trying to understand better how .NET's Identity OnValidateIdentity method works exactly. I have set up this piece of code in my application like following:


app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
CookieName = "LoginCookie",
ExpireTimeSpan = TimeSpan.FromHours(1),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromHours(1),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager))
}
});



Does OnValidateIdentity here has a role to check when user accesses my website to see how old is his cookie, and if it's older than the one that I've set in here(which is 1 hour) - the user will be forced to relog into the application.



Is this how it works exactly?




1 Answer
1



Well, why not read the source code yourself to gain full understanding?



In short this method will check if value of SecurityStamp on user record have changed. It will do the checking every hour (in your set up). So if SecurityStamp have changed, the cookie is invalidated. If SecurityStamp is unchanged from the last time it checked, the value of the cookie is updated (with new timestamp) but user is not logged out.



This feature is useful when user changes password and would like to invalidate all existing auth-cookies in all browsers.



A bit more detail in my blog post.






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

yy 8QN,ejtCuCCi znaXYDg,Mlr7 fsk LBcr aV F1
8gLe4SOLgPmuDBohMUAbGJV tR4h f1HHp S 1zwO tQra6vX8mWLlx78623ZZRU92,S7UTpg0

Popular posts from this blog

Makefile test if variable is not empty

Will Oldham

Visual Studio Code: How to configure includePath for better IntelliSense results