问题
I have looked everywhere and cannot seem to find out for sure what the default for each of these is.
I also need to know if there is a way to set different Lifespans for each. Thanks,
回答1:
The default is apparently 24 hours for any of the tokens. You can set it to a different value, but the same value will apply to all the tokens equally (GenerateEmailConfirmationTokenAsync, GeneratePasswordResetTokenAsync and GenerateUserTokenAsync).
Setting a new value is done by specifying, for example, TokenLifespan = TimeSpan.FromHours(3) in the ApplicationUserManager.Create method in the App_Start\IdentityConfig.cs file:
if (dataProtectionProvider != null)
{
manager.UserTokenProvider =
new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"))
{
// Added custom code to set a different lifespan
TokenLifespan = TimeSpan.FromHours(3)
};
;
}
return manager;
Source: http://www.asp.net/identity/overview/features-api/account-confirmation-and-password-recovery-with-aspnet-identity
Different lifespans for different types of tokens: Looks like pushed back to the next "major update", per this: https://aspnetidentity.codeplex.com/workitem/2228.
来源:https://stackoverflow.com/questions/31814795/what-is-the-default-tokenlifespan-of-generatepasswordresettokenasync-and-generat