private string GetAntiForgeryTokenAndSetCookie(HttpContextBase httpContext, string salt, string domain, string path)
{
string cookieName = AntiForgeryData.GetAntiForgeryTokenName(httpContext.Request.ApplicationPath);
AntiForgeryData cookieToken = null;
HttpCookie cookie = httpContext.Request.Cookies[cookieName];
if (cookie != null)
{
try
{
cookieToken = Serializer.Deserialize(cookie.Value);
}
catch (HttpAntiForgeryException)
{
}
}
if (cookieToken == null)
{
cookieToken = AntiForgeryData.NewToken();
string cookieValue = Serializer.Serialize(cookieToken);
HttpCookie newCookie = new HttpCookie(cookieName, cookieValue)
{
HttpOnly = true, Domain = domain
};
if (!String.IsNullOrEmpty(path))
{
newCookie.Path = path;
}
httpContext.Response.Cookies.Set(newCookie);
}
AntiForgeryData formToken = new AntiForgeryData(cookieToken)
{
Salt = salt,
Username = AntiForgeryData.GetUsername(httpContext.User)
};
return(Serializer.Serialize(formToken));
}
