Esempio n. 1
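        /// <summary>
        /// Builds the authentication cookie for a user: creates an
        /// <c>AuthenticationTicket</c>, serializes it, Base64-encodes it, encrypts the
        /// result and stores it as the value of a cookie named <c>CookieName</c>.
        /// </summary>
        /// <param name="userName">User name stored in the ticket; <c>null</c> is treated as an empty string.</param>
        /// <param name="timeout">Timeout passed to the ticket constructor (unit is defined by <c>AuthenticationTicket</c>).</param>
        /// <param name="user">User object passed to the ticket constructor.</param>
        /// <returns>An HttpOnly cookie scoped to the application path and carrying the encrypted ticket.</returns>
        private static HttpCookie GetAuthCookie(string userName, int timeout, User user)
        {
            userName = userName ?? string.Empty;

            // Scope the cookie to the application's virtual path, always with a trailing "/".
            // Ordinal comparison: this is a path separator check, not linguistic text.
            var cookiePath = HttpContext.Current.Request.ApplicationPath;
            if (!cookiePath.EndsWith("/", StringComparison.Ordinal))
            {
                cookiePath += "/";
            }

            var ticket = new AuthenticationTicket(userName, timeout, user);

            // NOTE(review): the cookie value is client-controlled when it comes back. Whether
            // EncryptionUtils.Encrypt also authenticates the ciphertext (MAC/AEAD) is not
            // visible here. Confirm, because the ticket is trusted once it decrypts.
            var serializedTicket = AppAuthenticationTicketSerializer.Serialize(ticket);
            string encrypted = EncryptionUtils.Encrypt(Convert.ToBase64String(serializedTicket));

            return new HttpCookie(CookieName, encrypted)
            {
                // Keeps the ticket out of reach of client-side script.
                HttpOnly = true,
                Path = cookiePath,

                // NOTE(review): Secure mirrors the scheme of the current request, so a cookie
                // issued over plain HTTP carries no Secure attribute. If TLS is terminated in
                // front of the application this may evaluate to false. Verify the deployment.
                Secure = HttpContext.Current.Request.IsSecureConnection,

                // Expires only tells the browser when to drop the cookie; it does not stop an
                // old value from being replayed. The ticket's own expiration has to be
                // enforced where the cookie is read.
                Expires = ticket.ExpirationUtc.ToLocalTime()
            };
        }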
Esempio n. 2
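        /// <summary>
        /// Reads the authentication cookie named <c>CookieName</c> from the current request
        /// and turns it back into an <c>AuthenticationTicket</c> (decrypt, Base64-decode,
        /// deserialize).
        /// </summary>
        /// <returns>
        /// The deserialized ticket, or <c>null</c> when the cookie is absent, empty, equal to
        /// <c>EmptyCookieValue</c>, or cannot be decrypted, decoded or deserialized.
        /// </returns>
        internal static AuthenticationTicket GetTicketFromCookie()
        {
            var cookie = HttpContext.Current.Request.Cookies.Get(CookieName);

            // The original guard joined the "not empty" and "not the empty-cookie sentinel"
            // checks with ||, which lets an empty value or the sentinel through to the
            // decryption path. Both conditions must hold, so reject when either one fails.
            if (cookie == null
                || string.IsNullOrEmpty(cookie.Value)
                || string.Equals(cookie.Value, EmptyCookieValue, StringComparison.InvariantCultureIgnoreCase))
            {
                return null;
            }

            try
            {
                // The cookie value is attacker-controllable input. Everything below relies on
                // Decrypt rejecting values that were not produced by the server.
                // NOTE(review): confirm EncryptionUtils verifies integrity, not just
                // confidentiality, before the bytes reach the deserializer.
                var    decrypted = EncryptionUtils.Decrypt(cookie.Value);
                byte[] ticketBin = Convert.FromBase64String(decrypted);

                // NOTE(review): the ticket's expiration is not checked in this method. Callers
                // presumably do so; verify, since the cookie's Expires attribute is only
                // enforced by the browser.
                return AppAuthenticationTicketSerializer.Deserialize(ticketBin, ticketBin.Length);
            }
            catch
            {
                // Deliberate best effort: any malformed or tampered cookie is treated as
                // "not authenticated" rather than surfacing an error to the client.
                return null;
            }
        }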