diff --git a/projects/Infrastructure/Extensions/HttpContextExtensions.cs b/projects/Infrastructure/Extensions/HttpContextExtensions.cs
index 28d8e61d..0da880ae 100644
--- a/projects/Infrastructure/Extensions/HttpContextExtensions.cs
+++ b/projects/Infrastructure/Extensions/HttpContextExtensions.cs
@@ -22,11 +22,19 @@ namespace Infrastructure.Extensions
 httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrincipal, new AuthenticationProperties { IsPersistent = rememberMe });
 }
- public static void SignIn(this HttpContext httpContext, string userName, bool rememberMe, IConfiguration cfg, DateTime expires)
+ public static void SignIn(this HttpContext httpContext, string userName, bool rememberMe, IConfiguration cfg)
 {
- var token = httpContext.GetToken(userName, rememberMe, cfg, expires);
+ var token = httpContext.GetToken(userName, rememberMe, cfg, DateTime.Now.AddYears(1));
+ var cookieOptions = new CookieOptions
+ {
+ HttpOnly = true
+ };
+ if (rememberMe)
+ {
+ cookieOptions.Expires = DateTimeOffset.Now.AddYears(1);
+ }
 httpContext.Response.Cookies.Delete("jwt");
- httpContext.Response.Cookies.Append("jwt", token);
+ httpContext.Response.Cookies.Append("jwt", token, cookieOptions);
 }
 public static string GetToken(this HttpContext httpContext, string userName, bool rememberMe, IConfiguration cfg, DateTime expires)
diff --git a/projects/UserCenter/Controllers/AccountController.cs b/projects/UserCenter/Controllers/AccountController.cs
index 90af0709..daac506a 100644
--- a/projects/UserCenter/Controllers/AccountController.cs
+++ b/projects/UserCenter/Controllers/AccountController.cs
@@ -205,7 +205,7 @@ namespace UserCenter.Controllers
 }
 else
 {
- HttpContext.SignIn(model.UserName, model.RememberMe, _cfg, DateTime.Now.AddDays(1));
+ HttpContext.SignIn(model.UserName, model.RememberMe, _cfg);
 if (string.IsNullOrEmpty(returnUrl))
 {
 returnUrl = Url.Action("Index", "Home");
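Review bot: The `jwt` cookie built in `SignIn` (HttpContextExtensions.cs) sets `HttpOnly = true` but neither `Secure` nor `SameSite`, so the browser may send the token over plain HTTP and attach it to cross-site requests. The initializer should read `HttpOnly = true, Secure = true, SameSite = SameSiteMode.Lax` (or `Strict` if no cross-site navigation needs the session). The token is also requested with `DateTime.Now.AddYears(1)` whether or not `rememberMe` is set, where the AccountController call site in the second hunk used to pass `DateTime.Now.AddDays(1)`. Assuming `GetToken` uses `expires` as the JWT lifetime (its body is outside the hunk), a token copied from a session cookie stays valid for a year after the browser closes. Consider `var expires = rememberMe ? DateTime.Now.AddYears(1) : DateTime.Now.AddDays(1);` and use that one value for both the `GetToken` call and `cookieOptions.Expires`.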