Cookies in Asp.Net Identity, WebApi

Question

I have a project that uses Asp.net Identity (webApi). In the front end, I used Angularjs and I used sessionStorage to set and get token.

I'm trying to understand, can I use .AspNet.ApplicationCookie to authenticate a user without going back to the server?

Why expire time is showing N/A and what it is mean (See attached image)? and I want to test.AspNet.ApplicationCookie is expired?

I the following, I'm trying to set expired time and show user alert message when the session is expired:

In ApplicationOAuthProvider:

    AuthenticationProperties properties = CreateProperties(user.UserName);
        properties.AllowRefresh = true;
        properties.ExpiresUtc = DateTime.UtcNow.AddMinutes(2);
        properties.IsPersistent = true;

In Startup.Auth:

        app.UseCookieAuthentication(new CookieAuthenticationOptions()
        {
            AuthenticationType = 
         DefaultAuthenticationTypes.ApplicationCookie,
            ExpireTimeSpan = TimeSpan.FromMinutes(2),
            SlidingExpiration = true,
            AuthenticationMode = AuthenticationMode.Active

        });

In Angularjs:

if (sessionStorage.getItem('accessToken') == null) {
    alert("Your sesstion is expired !");
}
if (sessionStorage.expired) {
    alert("Your sesstion is expired !");
};

None of these conditions is work!

Please read [ask] and elaborate on what exactly you're trying to do, and what happens. What do you mean by _"authenticate a user without going back to the server"_? And what does _"None of them is work"_ mean? What do you expect to happen, what actually happens? You do realise the `.AspNet.ApplicationCookie` is HttpOnly, so you can't access it from JavaScript? You do also realise that session storage has nothing to do with cookies? — CodeCaster, Apr 17 '19 at 08:49
Ok, have you see the Attached image? I want to now why Expires column is N/A, and what's mean of N/A? Thank you ! — A.Han, Apr 17 '19 at 09:04
https://stackoverflow.com/questions/8547620/session-cookie-versus-other-kinds-of-cookies, https://stackoverflow.com/questions/55246320/prevent-manually-set-cookie-from-clearing-in-chrome-devtools, can you answer the rest of my comment? — CodeCaster, Apr 17 '19 at 09:19
I updated the question. What do you mean by "authenticate a user without going back to the server"? keep user authenticated until he/she sign out or when the session is expired — A.Han, Apr 17 '19 at 09:35

Cookies in Asp.Net Identity, WebApi

0 Answers0