private static void StoreUsernameImpl(string userName, bool persistAcrossSessions)
        {
            Verify.ArgumentNotNullOrEmpty(userName, "userName");

            userName = userName.ToLower(CultureInfo.InvariantCulture);

            TimeSpan timeToLive = (persistAcrossSessions ? TimeSpan.FromDays(365) : TempTicketMaxAge);

            var    ticket          = new FormsAuthenticationTicket(userName, persistAcrossSessions, (int)timeToLive.TotalMinutes);
            string encryptedTicket = FormsAuthentication.Encrypt(ticket);

            var cookie = CookieHandler.SetCookieInternal(AuthCookieName, encryptedTicket);

            cookie.HttpOnly = true;

            var context = HttpContext.Current;

            if (context != null && context.Request.IsSecureConnection)
            {
                cookie.Secure = true;
            }

            if (persistAcrossSessions)
            {
                cookie.Expires = DateTime.Now + timeToLive;
            }
        }
コード例 #2
0
        private static void StoreUsernameImpl(string userName, bool persistAcrossSessions)
        {
            Verify.ArgumentNotNullOrEmpty(userName, "userName");

            userName = userName.ToLower(CultureInfo.InvariantCulture);

            TimeSpan timeToLive = (persistAcrossSessions ? TimeSpan.FromDays(365) : TempTicketMaxAge);

            var    ticket          = new FormsAuthenticationTicket(userName, persistAcrossSessions, (int)timeToLive.TotalMinutes);
            string encryptedTicket = FormsAuthentication.Encrypt(ticket);

            var cookie = CookieHandler.SetCookieInternal(AuthCookieName, encryptedTicket);

            cookie.HttpOnly = true;

            var context = HttpContext.Current;

            if (context != null)
            {
                if (context.Request.IsSecureConnection)
                {
                    cookie.Secure = true;
                }
                else if (cookie.Secure)
                {
                    throw new InvalidOperationException(
                              "A login attempt over a not secure connection, when system.web/httpCookies/@requireSSL is set to 'true'. " +
                              "Either secure connection should be required for console login, or SSL should not be required for cookies.");
                }
            }

            if (persistAcrossSessions)
            {
                cookie.Expires = DateTime.Now + timeToLive;
            }
        }