I have an ASP.NET MVC5 application with a startup configuration created to use OWIN.
A user enters my application, keeps the browser open, but if he tries to access it the next day, the application redirects the user to the login page.
I can not reproduce this problem on my machine for developers, this only happens with my current hosting provider. In fact, it worked correctly on my previous provider.
The application pool is restarted once in a while, but in my experience, if I manually recycle, this does not make the tokens invalid (which should be the expected behavior, as far as I know).
I tried to set the sliding expiration explicitly and increased the validity of the cookie, but this did not affect:
// Enable the application to use a cookie to store information for the signed in user app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie, ExpireTimeSpan = TimeSpan.FromDays(365*20), SlidingExpiration = true, LoginPath = new PathString("/Account/Login") }); // Use a cookie to temporarily store information about a user logging in with a third party login provider app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);
I am using the .NET Framework 4.5. I tried updating all my NuGet packages to the latest version, but this did not solve the problem.
I checked the expiration time of the sent cookies and they are correct, this should not be a problem. This happens in different browsers.
source share