fixed problems of #106 and added codes of #107

ismcagdas · ismcagdas · commit 46e610ac56ef · 2018-01-02T10:16:29.000+03:00
diff --git a/src/AbpCompanyName.AbpProjectName.WebSpaAngular/App_Start/Startup.cs b/src/AbpCompanyName.AbpProjectName.WebSpaAngular/App_Start/Startup.cs
@@ -1,4 +1,6 @@
-﻿using Abp.Owin;
+﻿using System;
+using System.Configuration;
+using Abp.Owin;
 using AbpCompanyName.AbpProjectName.Api.Controllers;
 using AbpCompanyName.AbpProjectName.WebSpaAngular;
 using Microsoft.AspNet.Identity;
diff --git a/src/AbpCompanyName.AbpProjectName.WebSpaAngular/Controllers/AccountController.cs b/src/AbpCompanyName.AbpProjectName.WebSpaAngular/Controllers/AccountController.cs
@@ -1,5 +1,6 @@
 ﻿using System;
 using System.Collections.Generic;
+using System.Configuration;
 using System.Data.Entity;
 using System.Linq;
 using System.Security.Claims;
@@ -144,18 +145,29 @@ private async Task SignInAsync(User user, ClaimsIdentity identity = null, bool r
             }
 
             AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
-            // Many browsers do not clean up session cookies when you close them. So the rule of thumb must be:
-            // For having a consistent behaviour across all browsers, don't rely solely on browser behaviour for proper clean-up
-            // of session cookies. It is safer to use non-session cookies (IsPersistent == true) in bundle with an expiration date.
+
+            // Gp - fix code for NOT using session cookies
+            // Don’t rely solely on browser behaviour for proper clean-up of session cookies during a given browsing session. 
+            // It’s safer to use non-session cookies (IsPersistent == true) with an expiration date for having a 
+            // consistent behaviour across all browsers and versions.
             // See http://blog.petersondave.com/cookies/Session-Cookies-in-Chrome-Firefox-and-Sitecore/
-            if (rememberMe) {
-                _authenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, identity);
-            } else {
-                _authenticationManager.SignIn(
+
+            // Gp Commented out: AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = rememberMe }, identity);
+            if (rememberMe)
+            {
+                //var rememberBrowserIdentity = AuthenticationManager.CreateTwoFactorRememberBrowserIdentity(user.Id.ToString());
+                AuthenticationManager.SignIn(
+                    new AuthenticationProperties { IsPersistent = true },
+                    identity /*, rememberBrowserIdentity*/);
+            }
+            else
+            {
+                AuthenticationManager.SignIn(
                     new AuthenticationProperties
                     {
                         IsPersistent = true,
-                        ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(int.Parse(System.Configuration.ConfigurationManager.AppSettings["AuthSession.ExpireTimeInMinutes.WhenNotPersistent"] ?? "30"))
+                        ExpiresUtc =
+                            DateTimeOffset.UtcNow.AddMinutes(int.Parse(ConfigurationManager.AppSettings["AuthSession.ExpireTimeInMinutes.WhenNotPersistet"] ?? "30"))
                     },
                     identity);
             }
