1

Resolved

Allow ExpireUtc from ResponseSignIn to override middleware level expires setting

description

Some websites may allow user to choose how long to keep his session. We should allow user to pass ExpireUtc property during sign in to override the middleware level expire setting, so they can control the session time.

The bug applies on both cookie middleware and OAuth server middleware.

comments

Tratcher wrote Nov 18, 2013 at 4:51 PM

Tratcher wrote Apr 16 at 9:21 PM

Fixed for Cookie middleware in a2c810d30a2946b2e064091e013781e56016df94.

Not fixing OAuth server for now. Re-activating #163 for tracking.