这里是一种使登录持久化，甚至跨身份再生操作的方法。此描述基于使用Visual Studio MVC ASP.NET Web项目模板。

首先，我们需要有一种方法来跟踪登录会话在不同HTTP请求之间持久的事实。这可以通过向用户的身份添加“IsPersistent”声明来完成。以下扩展方法显示了一种方法。

public static class ClaimsIdentityExtensions
{
    private const string PersistentLoginClaimType = "PersistentLogin";
 
    public static bool GetIsPersistent(this System.Security.Claims.ClaimsIdentity identity)
    {
        return identity.Claims.FirstOrDefault(c => c.Type == PersistentLoginClaimType) != null;
    }
 
    public static void SetIsPersistent(this System.Security.Claims.ClaimsIdentity identity,bool isPersistent)
    {
        var claim = identity.Claims.FirstOrDefault(c => c.Type == PersistentLoginClaimType);
        if (isPersistent)
        {
            if (claim == null)
            {
                identity.AddClaim(new System.Security.Claims.Claim(PersistentLoginClaimType,Boolean.TrueString));
            }
        }
        else if (claim != null)
        {
            identity.RemoveClaim(claim);
        }
    }
}

接下来，当用户登录请求持久会话时，我们需要做出“IsPersistent”声明。例如，您的ApplicationUser类可能有一个GenerateUserIdentityAsync方法，可以更新为采用isPersistent标志参数，如下所示在需要时提出此类声明：

public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager,bool isPersistent)
{
    var userIdentity = await manager.CreateIdentityAsync(this,DefaultAuthenticationTypes.ApplicationCookie);
    userIdentity.SetIsPersistent(isPersistent);
    return userIdentity;
}

ApplicationUser.GenerateUserIdentityAsync的任何调用者现在都需要传入isPersistent标志。例如，在AccountController.SignInAsync中对GenerateUserIdentityAsync的调用将从

AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent },await user.GenerateUserIdentityAsync(UserManager));

至

AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent },await user.GenerateUserIdentityAsync(UserManager,isPersistent));

最后，在Startup.ConfigureAuth方法中使用的CookieAuthenticationProvider.OnValidateIdentity委托需要注意在标识重新生成操作中保留持久性细节。默认委托如下所示：

OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager,ApplicationUser>(
    validateInterval: TimeSpan.FromMinutes(20),user) => user.GenerateUserIdentityAsync(manager))

这可以更改为：

OnValidateIdentity = async (context) =>
{
    await SecurityStampValidator.OnValidateIdentity<ApplicationUserManager,ApplicationUser>(
        validateInterval: TimeSpan.FromMinutes(20),// Note that if identity is regenerated in the same HTTP request as a logoff attempt,// the logoff attempt will have no effect and the user will remain logged in.
        // See https://aspnetidentity.codeplex.com/workitem/1962
        regenerateIdentity: (manager,user) =>
            user.GenerateUserIdentityAsync(manager,context.Identity.GetIsPersistent())
    )(context);
 
    // If identity was regenerated by the stamp validator,// AuthenticationResponseGrant.Properties.IsPersistent will default to false,leading
    // to a non-persistent login session. If the validated identity made a claim of being
    // persistent,set the IsPersistent flag to true so the application cookie won't expire
    // at the end of the browser session.
    var newResponseGrant = context.OwinContext.Authentication.AuthenticationResponseGrant;
    if (newResponseGrant != null)
    {
        newResponseGrant.Properties.IsPersistent = context.Identity.GetIsPersistent();
    }
}