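/// <summary>
/// Creates the authentication cookie value for a user.
/// </summary>
/// <remarks>
/// The token holds the username, an expiry time, a salt and a signature. The signature is
/// computed by <c>GetTokenSignature</c> over the UTF-8 username, the 8-byte binary form of
/// the expiry and, when <paramref name="authArea"/> is supplied, its UTF-8 bytes.
/// Security notes for reviewers:
/// the signed fields are concatenated without length prefixes, so field boundaries are not
/// part of what is signed; and the token is serialized with <see cref="BinaryFormatter"/>,
/// which means the code that reads the cookie has to deserialize client-supplied bytes.
/// Moving to a fixed field layout with a MAC over the raw bytes needs a matching change in
/// the verifier and is therefore not done in this method.
/// </remarks>
/// <param name="username">Username to embed in the cookie. Must not be <c>null</c>.</param>
/// <param name="authArea">Authentication area the cookie is bound to, or <c>null</c> for none.</param>
/// <param name="timeout">How long the cookie stays valid, counted from now.</param>
/// <returns>The serialized token, URL-token encoded.</returns>
/// <exception cref="ArgumentNullException"><paramref name="username"/> is <c>null</c>.</exception>
public static string CreateCookies(string username, string authArea, TimeSpan timeout)
{
    // Fail with a clear parameter name instead of the one Encoding.GetBytes would report.
    if (username == null)
    {
        throw new ArgumentNullException("username");
    }

    ComBoostCookiesToken token = new ComBoostCookiesToken();
    token.Username = username;
    // NOTE(review): expiry is taken from local time (DateTime.Now); a UTC clock would avoid
    // DST and time-zone shifts, but the verifier must switch in the same change.
    token.ExpiredDate = DateTime.Now.Add(timeout);

    // Bytes covered by the signature: username, expiry, then the optional auth area.
    byte[] data = Encoding.UTF8.GetBytes(token.Username)
        .Concat(BitConverter.GetBytes(token.ExpiredDate.ToBinary()))
        .ToArray();
    if (authArea != null)
    {
        data = data.Concat(Encoding.UTF8.GetBytes(authArea)).ToArray();
    }

    token.NewSalt();
    token.Signature = GetTokenSignature(data, token.Salt);

    // The using block releases the stream even when Serialize throws.
    using (MemoryStream stream = new MemoryStream())
    {
        BinaryFormatter formatter = new BinaryFormatter();
        formatter.Serialize(stream, token);
        return HttpServerUtility.UrlTokenEncode(stream.ToArray());
    }
}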
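/// <summary>
/// Validates an authentication cookie value and extracts the username and expiry it carries.
/// </summary>
/// <remarks>
/// Security: the cookie value is controlled by the client, and it is handed to
/// <see cref="BinaryFormatter"/> before any integrity check can run, because the signature
/// is a field of the serialized object itself. BinaryFormatter is not safe on untrusted
/// input, and the cast that follows does not change that. The durable fix is a format
/// change (fixed field layout or a data-only serializer, with a MAC over the raw bytes
/// checked before parsing). That has to be made together with the code that creates the
/// cookie, so it is flagged here rather than applied.
/// </remarks>
/// <param name="cookieValue">URL-token-encoded cookie value as received from the client.</param>
/// <param name="authArea">Authentication area the cookie must be bound to, or <c>null</c> for none.</param>
/// <param name="username">Receives the username on success; <c>null</c> otherwise.</param>
/// <param name="expiredDate">Receives the expiry on success; <see cref="DateTime.MinValue"/> otherwise.</param>
/// <returns>
/// <c>true</c> if the cookie decodes, has not expired and passes <c>VerifyToken</c>; otherwise <c>false</c>.
/// </returns>
public static bool VerifyCookie(string cookieValue, string authArea, out string username, out DateTime expiredDate)
{
    username = null;
    expiredDate = DateTime.MinValue;

    // Reject missing input up front instead of relying on an exception further down.
    if (string.IsNullOrEmpty(cookieValue))
    {
        return false;
    }

    try
    {
        byte[] decoded = HttpServerUtility.UrlTokenDecode(cookieValue);
        if (decoded == null || decoded.Length == 0)
        {
            return false;
        }

        ComBoostCookiesToken token;
        // The using block releases the stream even when Deserialize throws.
        using (MemoryStream stream = new MemoryStream(decoded))
        {
            // SECURITY(review): deserializes unauthenticated, client-supplied bytes.
            // See the remarks on this method; replace the wire format rather than patching here.
            BinaryFormatter formatter = new BinaryFormatter();
            token = (ComBoostCookiesToken)formatter.Deserialize(stream);
        }

        // 20 bytes is presumably the SHA-1 digest length; confirm against the signing code.
        if (token.Signature == null || token.Signature.Length != 20)
        {
            return false;
        }

        // NOTE(review): compared against local time; must stay in step with how the expiry is produced.
        if (token.ExpiredDate < DateTime.Now)
        {
            return false;
        }

        if (token.Username == null)
        {
            return false;
        }

        // Rebuild the signed bytes: the token's own data plus the optional auth area.
        byte[] signedData = token.GetTokenData();
        if (authArea != null)
        {
            signedData = signedData.Concat(Encoding.UTF8.GetBytes(authArea)).ToArray();
        }

        // NOTE(review): VerifyToken is not visible here; confirm it compares signatures in constant time.
        if (!VerifyToken(signedData, token.Salt, token.Signature))
        {
            return false;
        }

        // Outputs are only populated once the signature has been accepted.
        username = token.Username;
        expiredDate = token.ExpiredDate;
        return true;
    }
    catch
    {
        // Any decode or deserialization failure means the cookie is not valid. This also hides
        // unexpected errors; consider logging them so malformed-cookie activity is observable.
        return false;
    }
}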
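/// <summary>
/// Creates the authentication cookie value for a user.
/// </summary>
/// <remarks>
/// The signature is SHA-1 over the UTF-8 username, the 8-byte binary form of the expiry,
/// the optional UTF-8 auth area and finally the secret <c>_Key</c>.
/// Security notes for reviewers:
/// hashing the data with the key appended is an ad hoc keyed hash; an HMAC
/// (for example <c>HMACSHA256</c>) keyed with <c>_Key</c> is the standard construction.
/// The signed fields are concatenated without length prefixes, so field boundaries are not
/// part of what is signed. The token is serialized with <see cref="BinaryFormatter"/>, which
/// means the code that reads the cookie has to deserialize client-supplied bytes.
/// Each of these needs a matching change in the verifier and invalidates cookies already
/// issued, so they are flagged here rather than applied.
/// </remarks>
/// <param name="username">Username to embed in the cookie. Must not be <c>null</c>.</param>
/// <param name="authArea">Authentication area the cookie is bound to, or <c>null</c> for none.</param>
/// <param name="timeout">How long the cookie stays valid, counted from now.</param>
/// <returns>The serialized token, URL-token encoded.</returns>
/// <exception cref="ArgumentNullException"><paramref name="username"/> is <c>null</c>.</exception>
public static string CreateCookies(string username, string authArea, TimeSpan timeout)
{
    // Fail with a clear parameter name instead of the one Encoding.GetBytes would report.
    if (username == null)
    {
        throw new ArgumentNullException("username");
    }

    ComBoostCookiesToken token = new ComBoostCookiesToken();
    token.Username = username;
    // NOTE(review): expiry is taken from local time (DateTime.Now); a UTC clock would avoid
    // DST and time-zone shifts, but the verifier must switch in the same change.
    token.ExpiredDate = DateTime.Now.Add(timeout);

    // Bytes covered by the signature: username, expiry, optional auth area, then the key.
    byte[] data = Encoding.UTF8.GetBytes(token.Username)
        .Concat(BitConverter.GetBytes(token.ExpiredDate.ToBinary()))
        .ToArray();
    if (authArea != null)
    {
        data = data.Concat(Encoding.UTF8.GetBytes(authArea)).ToArray();
    }
    data = data.Concat(_Key).ToArray();

    using (SHA1 sha1 = SHA1.Create())
    {
        token.Signature = sha1.ComputeHash(data);
    }

    // The using block releases the stream even when Serialize throws.
    using (MemoryStream stream = new MemoryStream())
    {
        BinaryFormatter formatter = new BinaryFormatter();
        formatter.Serialize(stream, token);
        return HttpServerUtility.UrlTokenEncode(stream.ToArray());
    }
}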