I'm using ASP.NET forms authentication for logging users into a website we're developing.
Part of the functionality is a "Remember me" checkbox which remembers the user for a month if they check it.
The code for logging the user in is as follows:
public static void Login(HttpResponse response, string username,
bool rememberMeChecked)
{
FormsAuthentication.Initialize();
FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(1, username, DateTime.Now,
DateTime.Now.AddMinutes(30), rememberMeChecked,
FormsAuthentication.FormsCookiePath);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(tkt));
ck.Path = FormsAuthentication.FormsCookiePath;
if (rememberMe)
ck.Expires = DateTime.Now.AddMonths(1);
response.Cookies.Add(ck);
}
The relevant section in the web.config is this:
<authentication mode="Forms">
<forms loginUrl="Home.aspx" defaultUrl="~/" slidingExpiration="true" timeout="43200" />
</authentication>
This logs the user fine but logs them out after half an hour if they don't use the site, although its persistence property (rememberMeChecked) is set to true and if it is true, the cookie is set to expire after a month. Is there something I'm missing here?
Thanks in advance, F
See Question&Answers more detail:os
