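/// <summary>
/// Tries to sign the caller in from the ticket stored in the <c>CookieName</c> cookie
/// (ASP.NET Core request pipeline).
/// </summary>
/// <param name="ac">Action context whose <c>HttpContext</c> supplies the request cookie,
/// the connection feature and the response the refreshed cookie is written to.</param>
/// <returns>
/// <c>true</c> when the ticket was accepted and a user session was added;
/// <c>false</c> when the cookie is missing or empty, or when any step threw
/// (in which case the cookie is removed via <c>RemoveCookie</c>).
/// </returns>
public static bool LoginFromCookie(ActionContext ac)
{
    // NOTE(review): AuthLogic.Disable() presumably suspends authorization checks for the
    // duration of the scope because no user is established yet — confirm against AuthLogic.
    using (AuthLogic.Disable())
    {
        try
        {
            var http = ac.HttpContext;

            if (!http.Request.Cookies.TryGetValue(CookieName, out string ticketText) || !ticketText.HasText())
            {
                return false; // there is no cookie
            }

            // NOTE(review): the ticket is checked against the connection's remote address.
            // Behind a reverse proxy this is the proxy's address unless forwarded headers
            // are applied upstream — verify the deployment before relying on the binding.
            var httpConnection = http.Features.Get<IHttpConnectionFeature>();

            // ticketText is passed by ref: whatever UpdateTicket leaves in it is the value
            // written back to the client below.
            UserEntity user = UserTicketLogic.UpdateTicket(httpConnection.RemoteIpAddress.ToString(), ref ticketText);

            AuthServer.OnUserPreLogin(ac, user);

            http.Response.Cookies.Append(CookieName, ticketText, new CookieOptions
            {
                Domain = http.Request.Host.Host.ToString(),
                Path = new UrlHelper(ac).Content("~/"),
                Expires = DateTime.UtcNow.Add(UserTicketLogic.ExpirationInterval),
                // The ticket is a bearer credential: keep it out of reach of page scripts,
                // matching the System.Web overload which already sets HttpOnly.
                HttpOnly = true,
                // Mark the cookie Secure whenever the request arrived over HTTPS so it is
                // not replayed over plain HTTP; plain-HTTP deployments behave as before.
                Secure = http.Request.IsHttps,
            });

            AuthServer.AddUserSession(ac, user);
            return true;
        }
        catch
        {
            // Deliberate best effort: any failure (missing connection feature, rejected
            // ticket, pre-login hook throwing) drops the cookie and reports "not logged in".
            // NOTE(review): the exception is discarded, so rejected tickets leave no trace
            // here — consider logging it for detection purposes.
            RemoveCookie(ac);
            return false;
        }
    }
}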
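/// <summary>
/// Tries to sign the caller in from the ticket stored in the <c>CookieName</c> cookie
/// (classic System.Web pipeline, using <c>HttpContext.Current</c>).
/// </summary>
/// <returns>
/// <c>true</c> when the ticket was accepted and a user session was added;
/// <c>false</c> when the cookie is missing or empty, or when any step threw
/// (in which case an already-expired cookie is sent to clear it on the client).
/// </returns>
public static bool LoginFromCookie()
{
    // NOTE(review): AuthLogic.Disable() presumably suspends authorization checks for the
    // duration of the scope because no user is established yet — confirm against AuthLogic.
    using (AuthLogic.Disable())
    {
        try
        {
            var http = System.Web.HttpContext.Current;
            var authCookie = http.Request.Cookies[CookieName];

            if (authCookie == null || !authCookie.Value.HasText())
            {
                return false; // there is no cookie
            }

            // ticketText is passed by ref: whatever UpdateTicket leaves in it is the value
            // written back to the client below.
            // NOTE(review): UserHostAddress is the peer address; behind a reverse proxy it
            // is the proxy's address — verify the deployment before relying on the binding.
            string ticketText = authCookie.Value;
            UserEntity user = UserTicketLogic.UpdateTicket(http.Request.UserHostAddress, ref ticketText);

            AuthServer.OnUserPreLogin(null, user);

            http.Response.Cookies.Add(new HttpCookie(CookieName, ticketText)
            {
                Expires = DateTime.UtcNow.Add(UserTicketLogic.ExpirationInterval),
                HttpOnly = true,
                // Mark the cookie Secure whenever the request arrived over HTTPS so the
                // ticket is not replayed over plain HTTP; plain-HTTP deployments behave
                // as before.
                Secure = http.Request.IsSecureConnection,
                Domain = http.Request.Url.Host
            });

            AuthServer.AddUserSession(user);
            return true;
        }
        catch
        {
            // Deliberate best effort: any failure drops the cookie and reports
            // "not logged in".
            // NOTE(review): the exception is discarded, so rejected tickets leave no trace
            // here — consider logging it for detection purposes.
            var http = System.Web.HttpContext.Current;

            // Remove cookie: overwrite it with one that expired in the past.
            HttpCookie cookie = new HttpCookie(CookieName)
            {
                Expires = DateTime.UtcNow.AddDays(-10), // or any other time in the past
                HttpOnly = true,
                Secure = http.Request.IsSecureConnection,
                Domain = http.Request.Url.Host
            };
            http.Response.Cookies.Set(cookie);
            return false;
        }
    }
}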