/// <summary>
/// Issues a new authentication cookie for the given user and appends it to the current response.
/// </summary>
/// <param name="email">E-mail address stored in the authentication ticket.</param>
/// <param name="username">User name stored in the authentication ticket.</param>
/// <param name="persistent">
/// When true, the browser cookie gets an explicit expiry of issue date plus the configured timeout;
/// when false, no expiry is set on the browser cookie.
/// </param>
/// <param name="roles">Optional roles stored in the ticket; may be null.</param>
/// <param name="tag">Optional opaque bytes stored in the ticket; may be null.</param>
public void SetCookie(string email, string username, bool persistent = false, string[] roles = null, byte[] tag = null)
{
    // A fresh Guid per ticket. The leading 0 is passed through as-is;
    // NOTE(review): presumably a version or renewal counter - confirm against AuthenticationCookie.
    var ticket = new AuthenticationCookie(0, Guid.NewGuid(), persistent, email, username, roles, tag);

    using (var protector = new CookieProtector(_configuration))
    {
        // Only the protected form of the serialized ticket is ever placed in the cookie value.
        var responseCookie = new HttpCookie(_configuration.CookieName, protector.Protect(ticket.Serialize()));

        // HttpOnly is unconditional, so client-side script cannot read the ticket.
        responseCookie.HttpOnly = true;

        // Secure follows configuration: with RequireSSL disabled the cookie is also sent over plain HTTP.
        // NOTE(review): no SameSite attribute is set here; whether the target framework's HttpCookie
        // exposes one should be confirmed before relying on browser defaults.
        responseCookie.Secure = _configuration.RequireSSL;

        if (persistent)
        {
            // Persistent tickets carry an explicit expiry; otherwise the browser decides the lifetime.
            responseCookie.Expires = ticket.IssueDate + _configuration.Timeout;
        }

        _context.Response.Cookies.Add(responseCookie);
    }
}
/// <summary>
/// Re-issues the authentication cookie on the response when sliding expiration is enabled and the
/// ticket reports itself expired against half of the configured timeout.
/// </summary>
/// <param name="context">HTTP context whose response receives the renewed cookie.</param>
/// <param name="protector">Protector used to protect the serialized ticket before it is written out.</param>
/// <param name="authenticationCookie">Ticket to check; renewed in place when the threshold is reached.</param>
private void RenewCookieIfExpiring(HttpContext context, CookieProtector protector, AuthenticationCookie authenticationCookie)
{
    // Sliding expiration switched off: never renew (and never evaluate the expiry check).
    if (!_configuration.SlidingExpiration)
    {
        return;
    }

    // Renewal threshold is half of the configured timeout, computed in ticks.
    var renewalThreshold = TimeSpan.FromTicks(_configuration.Timeout.Ticks / 2);
    if (!authenticationCookie.IsExpired(renewalThreshold))
    {
        return;
    }

    authenticationCookie.Renew();

    // Drop any cookie of the same name already queued on the response before adding the new one.
    context.Response.Cookies.Remove(_configuration.CookieName);

    var renewed = new HttpCookie(_configuration.CookieName, protector.Protect(authenticationCookie.Serialize()));

    // Same attributes as at first issue: HttpOnly always, Secure only when RequireSSL is configured.
    // NOTE(review): as at first issue, no SameSite attribute is set on the renewed cookie.
    renewed.HttpOnly = true;
    renewed.Secure = _configuration.RequireSSL;

    if (authenticationCookie.Persistent)
    {
        // Expiry is derived from the ticket's IssueDate as it stands after Renew().
        renewed.Expires = authenticationCookie.IssueDate + _configuration.Timeout;
    }

    context.Response.Cookies.Add(renewed);
}