ASP.NET core 2.0 Authentication does persist more than 15 Seconds

[brunobalmeida]

I have seen the topic: https://github.com/aspnet/Identity/issues/1389, which seems to be the same issue. But in my case something else (weird) is happening. I have set the authentication and the cookies configuration. Although, the user is logged out almost instantaneously. The weird part refers to the cookies and the expiration of them. When I look at the developer tools on Chrome my cookies are like this:

Does anybody has any ideia on how to set those cookies to the correct expiration date?

My startup looks like this:

`services.AddIdentity<ApplicationUser, IdentityRole>(config => { config.SignIn.RequireConfirmedEmail = false; }) .AddEntityFrameworkStores() .AddDefaultTokenProviders();

        services.Configure<SecurityStampValidatorOptions>(options => options.ValidationInterval = TimeSpan.FromMinutes(30));

        services.AddAuthentication()
            .Services.ConfigureApplicationCookie(o =>
        {

            o.LoginPath = "/account/login";
            o.LogoutPath = "/account/logout";
            o.SlidingExpiration = true;
            o.Cookie.Expiration = TimeSpan.FromHours(1);
            o.Cookie = new CookieBuilder
            {
                HttpOnly = true,
                Name = ".BrAssociation.Security.Cookie",
                Path = "/",
                SameSite = SameSiteMode.Lax,
                SecurePolicy = CookieSecurePolicy.SameAsRequest
            };

        });`

[blowdart]

You can't mix sliding expiration and absolute expiration at the same time. It's either or, so pick one and see if it still reproduces.

[blowdart]

We're closing this issue as no response or updates have been provided in a timely manner. If you have more details and are encountering this issue please add a new reply and re-open the issue.