ASP.NET Boilerplate token expiration

About

Asked 1/9, 2018 at 19:36 Answered 2/9, 2018 at 5:22

Solved asp.net authentication configuration aspnetboilerplate asp.net-boilerplate

I'm using ASP.NET Boilerplate. I have an application in Angular (external to ABP) that I would like to consume my API.

For that, I get an access token via /api/TokenAuth/Authenticate, and then I use the token in the calls to my API.

The problem is that the token expires in 1 day and I would like the user session to persist longer, without the user having to login every 1 day.

Any idea how I can achieve that? I would like to make the token expiration time longer, even though I have read that it is insecure.

Thanks for the help!

Breazeale answered 1/9, 2018 at 19:36 Comment(1)

I think implementing a refresh token mechanism is better than extending the token expiration time. – Broadcloth 27/7, 2020 at 8:48

You can modify tokenAuthConfig.Expiration in YourProjectNameWebCoreModule.

private void ConfigureTokenAuth()
{
    // ...

    tokenAuthConfig.Expiration = TimeSpan.FromDays(1);
}

Looseleaf answered 2/9, 2018 at 5:22 Comment(1)

Thank you!! It will help me to solve the problem temporarily. Do you know if there is any way to extend the user's session without extending the token? It would be useful to improve security – Breazeale 5/9, 2018 at 17:42

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags