In the Startup.Auth.cs
file, add the options to configure them:
public void ConfigureAuth(IAppBuilder app)
{
// Enable the application to use a cookie to store information for the signed in user
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/Account/Login"),
ExpireTimeSpan = new System.TimeSpan(0,30,0),
SlidingExpiration = true
});
}
Just change the time from the ExpireTimeSpan
property to a time it deems appropriate.
From the documentation:
ExpireTimeSpan:
Controls how much time the cookie will remain valid from the point it is created. The expiration information is in the protected cookie ticket. Because of that an expired cookie will be ignored even if it is passed to the server after the browser should have purged it
SlidingExpiration:
The SlidingExpiration is set to true to instruct the middleware to re-issue a new cookie with a new expiration time any time it processes which is more than halfway through the expiration window.