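/// <summary>
/// Builds the authentication cookie for a user: an <c>AuthenticationTicket</c> is created,
/// serialized, Base64-encoded, encrypted and stored as the value of the cookie named
/// <c>CookieName</c>.
/// </summary>
/// <param name="userName">User name stored in the ticket; <c>null</c> is replaced by an empty string.</param>
/// <param name="timeout">Timeout passed to the ticket constructor (unit not visible here; confirm against <c>AuthenticationTicket</c>).</param>
/// <param name="user">User object passed to the ticket constructor.</param>
/// <returns>An HttpOnly cookie scoped to the application path that expires when the ticket does.</returns>
private static HttpCookie GetAuthCookie(string userName, int timeout, User user)
{
    if (userName == null)
    {
        userName = string.Empty;
    }

    // Scope the cookie to this application's virtual path, normalised to end with "/".
    // The comparison is ordinal: this is a path separator check, not linguistic text.
    var cookiePath = HttpContext.Current.Request.ApplicationPath;
    if (!cookiePath.EndsWith("/", StringComparison.Ordinal))
    {
        cookiePath = cookiePath + "/";
    }

    var ticket = new AuthenticationTicket(userName, timeout, user);

    // NOTE(review): the cookie value is only as tamper-resistant as EncryptionUtils.Encrypt.
    // Confirm it provides integrity protection (authenticated encryption or a MAC),
    // not confidentiality alone.
    byte[] serializedTicket = AppAuthenticationTicketSerializer.Serialize(ticket);
    string encrypted = EncryptionUtils.Encrypt(Convert.ToBase64String(serializedTicket));

    HttpCookie httpCookie = new HttpCookie(CookieName, encrypted);

    // HttpOnly keeps the ticket out of reach of client-side script.
    httpCookie.HttpOnly = true;
    httpCookie.Path = cookiePath;

    // Secure mirrors the scheme of the current request.
    // NOTE(review): if TLS is terminated in front of this application, IsSecureConnection
    // may be false and the cookie would be issued without Secure. Confirm the deployment.
    // NOTE(review): no SameSite attribute is set here; confirm it is applied elsewhere.
    httpCookie.Secure = HttpContext.Current.Request.IsSecureConnection;

    // The cookie lifetime follows the ticket's expiration.
    httpCookie.Expires = ticket.ExpirationUtc.ToLocalTime();

    return httpCookie;
}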
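/// <summary>
/// Reads the authentication cookie named <c>CookieName</c> from the current request and
/// turns it back into an <c>AuthenticationTicket</c> (decrypt, Base64-decode, deserialize).
/// </summary>
/// <returns>
/// The deserialized ticket, or <c>null</c> when the cookie is absent, empty, equal to
/// <c>EmptyCookieValue</c>, or cannot be decrypted, decoded or deserialized.
/// </returns>
/// <remarks>
/// This method does not inspect the ticket's expiration. Presumably the caller or the
/// deserializer enforces it; confirm this, because the cookie's own <c>Expires</c> attribute
/// is controlled by the client and must not be the only expiry check.
/// </remarks>
internal static AuthenticationTicket GetTicketFromCookie()
{
    var cookie = HttpContext.Current.Request.Cookies.Get(CookieName);
    if (cookie == null)
    {
        return null;
    }

    // Both conditions must hold before the value is worth decrypting. The original joined
    // them with "||", which was true for every value except one that is both empty and equal
    // to EmptyCookieValue, so empty and placeholder cookies still reached the decrypt path.
    bool hasValue = !string.IsNullOrEmpty(cookie.Value);
    bool isPlaceholder = string.Equals(cookie.Value, EmptyCookieValue, StringComparison.InvariantCultureIgnoreCase);
    if (!hasValue || isPlaceholder)
    {
        return null;
    }

    try
    {
        // The cookie value is attacker-controlled input.
        // NOTE(review): confirm EncryptionUtils.Decrypt verifies integrity before the bytes
        // reach the deserializer.
        var decrypted = EncryptionUtils.Decrypt(cookie.Value);
        byte[] ticketBin = Convert.FromBase64String(decrypted);
        return AppAuthenticationTicketSerializer.Deserialize(ticketBin, ticketBin.Length);
    }
    catch
    {
        // Deliberate best-effort: any malformed or tampered cookie is treated as "no ticket".
        // NOTE(review): consider logging these failures (without the cookie value) so that
        // repeated tampering attempts are visible to monitoring.
        return null;
    }
}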