How to keep user login in to system and logout only after user clicks on logout button?

Question

I am using custom implementation of microsoft asp.net identity because i have custom tables that is why i have given custom implementation of all my methods IUserStore a

Answer 1

Here's what i did when i coded a user to keep signed in...

Code

public partial class Startup
    {

        public void ConfigureAuth(IAppBuilder app)
        {
            // Enable the application to use a cookie to store information for the signed in user
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString("/Account/Login")
            });
// Use a cookie to temporarily store information about a user logging in with a third party login provider
            app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

        }
    }

Account Controller

public class AccountController : Controller
    {
        /// 

        /// Initializes a new instance of the  class.
        /// 
        public AccountController()
            : this(new UserManager(new UserStore(new ApplicationDbContext())))
        {
        }

        /// 

        /// Initializes a new instance of the  class.
        /// 
        /// The user manager.
        public AccountController(UserManager userManager)
        {
            UserManager = userManager;
        }

        /// 

        /// Gets the user manager.
        /// 
        /// 
        /// The user manager.
        /// 
        public UserManager UserManager { get; private set; }

        //
        // GET: /Account/Login
        /// 

        /// Logins the specified return URL.
        /// 
        /// The return URL.
        /// 
        [AllowAnonymous]
        public ActionResult Login(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            return View();
        }

        //
        // POST: /Account/Login
        /// 

        /// Logins the specified model.
        /// 
        /// The model.
        /// The return URL.
        /// 
        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public async Task Login(LoginViewModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                var user = await UserManager.FindAsync(model.UserName, model.Password);
                if (user != null)
                {
                    await SignInAsync(user, model.RememberMe);
                    return RedirectToLocal(returnUrl);
                }
                else
                {
                    ModelState.AddModelError("", "Invalid username or password.");
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

private async Task SignInAsync(ApplicationUser user, bool isPersistent)
        {
            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
            var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
            AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);
        }

OR.. You can also configure the session timeout for a user at the application pool level in IIS.