コード例 #1
        /// <summary>
        /// Builds the value of an authentication cookie: a signed token carrying the
        /// username and an expiry time, serialized and URL-token encoded.
        /// </summary>
        /// <param name="username">Username stored in the token and covered by the signature.</param>
        /// <param name="authArea">Optional area name mixed into the signed bytes; it is not stored in the token itself.</param>
        /// <param name="timeout">Lifetime of the token, added to the current local time.</param>
        /// <returns>The URL-token-encoded BinaryFormatter serialization of the token.</returns>
        /// <remarks>
        /// SECURITY: the token is signed, not encrypted, so the client can read the
        /// username and expiry. The signature travels inside the serialized object,
        /// which means any verifier has to run BinaryFormatter.Deserialize on
        /// client-supplied bytes before it can check integrity. BinaryFormatter is
        /// unsafe on untrusted input; a replacement format should let the MAC be
        /// checked over the raw bytes before anything is parsed. Changing the format
        /// here requires the matching change in the verification code.
        /// </remarks>
        public static string CreateCookies(string username, string authArea, TimeSpan timeout)
        {
            // NOTE(review): DateTime.Now is local time; the expiry shifts with time-zone
            // or DST changes on the server. Confirm the verifier uses the same clock.
            var token = new ComBoostCookiesToken
            {
                Username    = username,
                ExpiredDate = DateTime.Now.Add(timeout)
            };

            // Signed bytes are username, then the 8-byte expiry, then the optional area,
            // concatenated without length prefixes. A null area and an empty area
            // therefore sign identically, and field boundaries are not self-describing.
            var signedFields = Encoding.UTF8.GetBytes(token.Username)
                               .Concat(BitConverter.GetBytes(token.ExpiredDate.ToBinary()));
            if (authArea != null)
            {
                signedFields = signedFields.Concat(Encoding.UTF8.GetBytes(authArea));
            }
            byte[] payload = signedFields.ToArray();

            // NewSalt() presumably populates token.Salt; the salt is read only after this call.
            // GetTokenSignature is defined elsewhere, so the algorithm and key are not visible here.
            token.NewSalt();
            token.Signature = GetTokenSignature(payload, token.Salt);

            using (var buffer = new MemoryStream())
            {
                // SECURITY: BinaryFormatter is kept only because the verifier expects this
                // wire format; see the remarks above before reusing this pattern.
                new BinaryFormatter().Serialize(buffer, token);
                return(HttpServerUtility.UrlTokenEncode(buffer.ToArray()));
            }
        }
コード例 #2
        /// <summary>
        /// Decodes an authentication cookie value, checks its expiry and signature,
        /// and returns the username and expiry time it carries.
        /// </summary>
        /// <param name="cookieValue">URL-token-encoded cookie value received from the client.</param>
        /// <param name="authArea">Optional area name appended to the signed bytes; must match the value used at creation.</param>
        /// <param name="username">Set to the token's username on success, otherwise null.</param>
        /// <param name="expiredDate">Set to the token's expiry on success, otherwise DateTime.MinValue.</param>
        /// <returns>True only if the token decodes, is not expired, has a username and passes VerifyToken; false on any failure or exception.</returns>
        /// <remarks>
        /// SECURITY: the cookie bytes are passed to BinaryFormatter.Deserialize before
        /// the signature is checked, because the signature is a field of the
        /// deserialized object. BinaryFormatter must not be used on untrusted input:
        /// deserialization can instantiate types and run code chosen by whoever
        /// supplied the bytes, and the catch-all below only hides the resulting
        /// exception, it does not undo side effects. A safe design authenticates the
        /// raw bytes first (for example an HMAC over a simple length-prefixed layout,
        /// or the framework's own protected-data API) and parses only afterwards.
        /// That change must be made together with the code that issues the cookie.
        /// </remarks>
        public static bool VerifyCookie(string cookieValue, string authArea, out string username, out DateTime expiredDate)
        {
            username    = null;
            expiredDate = DateTime.MinValue;
            try
            {
                ComBoostCookiesToken token;
                using (var input = new MemoryStream(HttpServerUtility.UrlTokenDecode(cookieValue)))
                {
                    // SECURITY: untrusted, not-yet-authenticated bytes reach the deserializer here.
                    token = (ComBoostCookiesToken)new BinaryFormatter().Deserialize(input);
                }

                // Cheap structural checks, evaluated in the same order as before:
                // 20 bytes is the length of a SHA-1 digest (presumably what VerifyToken
                // expects; confirm), then expiry against local time, then username presence.
                bool wellFormed = token.Signature.Length == 20
                                  && token.ExpiredDate >= DateTime.Now
                                  && token.Username != null;
                if (!wellFormed)
                {
                    return(false);
                }

                // Rebuild the signed bytes; GetTokenData() is defined on the token type and
                // presumably returns the username and expiry bytes (verify against the issuer).
                byte[] signedFields = token.GetTokenData();
                if (authArea != null)
                {
                    signedFields = signedFields.Concat(Encoding.UTF8.GetBytes(authArea)).ToArray();
                }

                // NOTE(review): confirm VerifyToken compares the signature in constant time.
                if (!VerifyToken(signedFields, token.Salt, token.Signature))
                {
                    return(false);
                }

                // Outputs are populated only after the signature check succeeds.
                username    = token.Username;
                expiredDate = token.ExpiredDate;
                return(true);
            }
            catch
            {
                // Any decode, cast, null-reference or serialization failure is treated as
                // an invalid cookie. Nothing is logged, so malformed or hostile cookies
                // leave no trace here.
                return(false);
            }
        }
コード例 #3
 /// <summary>
 /// Builds the value of an authentication cookie: a token carrying the username
 /// and an expiry time, signed with SHA-1 over the fields plus a key, then
 /// serialized and URL-token encoded.
 /// </summary>
 /// <param name="username">Username stored in the token and covered by the signature.</param>
 /// <param name="authArea">Optional area name mixed into the signed bytes; it is not stored in the token itself.</param>
 /// <param name="timeout">Lifetime of the token, added to the current local time.</param>
 /// <returns>The URL-token-encoded BinaryFormatter serialization of the token.</returns>
 /// <remarks>
 /// SECURITY: the signature is a plain SHA-1 hash of the fields followed by _Key,
 /// a hand-rolled keyed hash rather than a standard MAC. Prefer an HMAC with a
 /// current hash (for example HMACSHA256) keyed with the same secret. The token is
 /// also serialized with BinaryFormatter, so any verifier must deserialize
 /// client-supplied bytes before it can check the signature; BinaryFormatter is
 /// unsafe on untrusted input. Both changes alter the wire format and need the
 /// matching change in the verification code.
 /// </remarks>
 public static string CreateCookies(string username, string authArea, TimeSpan timeout)
 {
     // NOTE(review): DateTime.Now is local time; confirm the verifier uses the same clock.
     var token = new ComBoostCookiesToken
     {
         Username = username,
         ExpiredDate = DateTime.Now.Add(timeout)
     };

     // Hash input is username, 8-byte expiry, optional area, then the key, with no
     // length prefixes between fields: a null area and an empty area hash identically.
     var signedFields = Encoding.UTF8.GetBytes(token.Username)
         .Concat(BitConverter.GetBytes(token.ExpiredDate.ToBinary()));
     if (authArea != null)
     {
         signedFields = signedFields.Concat(Encoding.UTF8.GetBytes(authArea));
     }
     // _Key is defined elsewhere in the class; presumably the server-side secret.
     // Its origin and length are not visible here.
     byte[] keyedInput = signedFields.Concat(_Key).ToArray();

     using (SHA1 hasher = SHA1.Create())
     {
         token.Signature = hasher.ComputeHash(keyedInput);
     }

     using (var buffer = new MemoryStream())
     {
         // SECURITY: BinaryFormatter is kept only because the verifier expects this
         // wire format; see the remarks above before reusing this pattern.
         new BinaryFormatter().Serialize(buffer, token);
         return HttpServerUtility.UrlTokenEncode(buffer.ToArray());
     }
 }