Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
In ASP.NET MVC 4, Is it possible to have a different time out period for different user types?
I have an app where both users and customers will log in. Customers will tend to be fairly transient and be on the site for a short period of time, whereas users will need to remain logged in for several hours.
Is there a way to do this?
I should point out that I am not using MembershipServices. I’m handling user authentication manually.
Hope you can help,
Simon.
Short answer yes.
But you’re not using the standard membership provider so you have to engineer this functionality in yourself depending on what you’ve done.
The standard provider allows you to set the expiry date of the authentication token (see http://msdn.microsoft.com/en-us/library/system.web.security.formsauthenticationticket.expiration.aspx). The token is then written to the users browser in a cookie with the same expiry date. The expiry date is included in the token itself as otherwise the token would work forever as only the browser knows the cookies expiry date.
When the token expires, the user has to relogin.