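        /// <summary>
        /// Partner login. Verifies <paramref name="pw"/> against the stored salted SHA-512 hash of
        /// the account registered under <paramref name="email"/> and, on success, starts the
        /// authenticated session: Session["email"], Session["AuthToken"] and an "AuthToken" cookie
        /// carrying the same random value (pages compare the two on load).
        /// </summary>
        /// <param name="email">E-mail typed on the login form; resolved via Service1.GetAccountByEmail.</param>
        /// <param name="pw">Plaintext password typed on the login form.</param>
        protected void CheckAccount(string email, string pw)
        {
            // NOTE(review): ValidateInput()'s result is ignored here — confirm whether it is meant to
            // gate the lookup (the registration page uses its bool return that way).
            ValidateInput();
            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            var user = client.GetAccountByEmail(email); // served by Service1.cs

            // Same message for "no such user" and "no password" so the form does not reveal which
            // e-mails are registered.
            if (user == null || string.IsNullOrEmpty(pw))
            {
                lb_error.Text = "User or password is invalid, please try again";
                return;
            }

            // The password was never verified before (only a null check), so any non-null password
            // logged in. Use the scheme the other login/password pages use: SHA-512 over
            // (password || per-user salt), Base64, compared with the stored hash.
            string pwhash;
            using (SHA512Managed hashing = new SHA512Managed())
            {
                byte[] hashWithSalt = hashing.ComputeHash(Encoding.UTF8.GetBytes(pw + user.Password_Salt));
                pwhash = Convert.ToBase64String(hashWithSalt);
            }

            if (!pwhash.Equals(user.Password))
            {
                lb_error.Text = "User or password is invalid, please try again";
                return;
            }

            Session["email"] = email;
            // Per-login random value kept server-side and in a cookie; a request whose cookie does not
            // match the session copy is treated as a hijacked/fixated session by the page gates.
            string guid = Guid.NewGuid().ToString();
            Session["AuthToken"] = guid;

            // HttpOnly keeps script from reading the token; Secure is tied to the current scheme so an
            // HTTP test deployment keeps working while HTTPS deployments never send it in clear.
            Response.Cookies.Add(new HttpCookie("AuthToken", guid)
            {
                HttpOnly = true,
                Secure   = Request.IsSecureConnection
            });
            Response.Redirect("Partner_Own_Account_Details.aspx", false);
        }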
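        /// <summary>
        /// Staff action: resets the password of the account named by the "email" query-string
        /// parameter through Service1.StaffResetPassword and tells the staff user what the new
        /// default is.
        /// </summary>
        /// <remarks>
        /// No authorization happens in this handler; it relies on Page_Load having rejected
        /// non-staff sessions before the button can post back. The reset value (DOB or date of
        /// establishment + postal code) is built from data shown on the account detail page, so it
        /// is guessable by anyone who can see that page — consider forcing a change at next login.
        /// </remarks>
        protected void resetpw_btn_Click(object sender, EventArgs e)
        {
            string targetEmail = Request.QueryString["email"];
            if (String.IsNullOrEmpty(targetEmail))
            {
                resetpw_lb.Text = "No account selected.";
                return;
            }

            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            var user = client.GetAccountByEmail(targetEmail);

            // An unknown e-mail used to dereference null and crash the page.
            if (user == null)
            {
                resetpw_lb.Text = "Account not found.";
                return;
            }

            client.StaffResetPassword(user.Email);
            resetpw_lb.Text = "Password has been reset to DOB or Date of Establishment (dd/MM) + Postal Code. E.g. 12/03539591";
        }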
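 /// <summary>
 /// Shows the e-mail and first name of the account named by the "email" query-string
 /// parameter. The labels stay empty when the parameter is absent or no account matches.
 /// </summary>
 /// <remarks>
 /// NOTE(review): this handler performs no session or role check of its own, so looking up
 /// an arbitrary e-mail here is only acceptable if access control happens elsewhere (master
 /// page, HTTP module) — confirm. Label.Text is not HTML-encoded by WebForms and First_Name is
 /// user-entered; consider HttpUtility.HtmlEncode.
 /// </remarks>
 protected void Page_Load(object sender, EventArgs e)
 {
     string requestedEmail = Request.QueryString["email"];
     if (String.IsNullOrEmpty(requestedEmail))
     {
         return;
     }

     DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
     var user = client.GetAccountByEmail(requestedEmail);

     // A lookup miss used to throw NullReferenceException on user.Email.
     if (user == null)
     {
         return;
     }

     lb_pc_email.Text = user.Email;
     lb_pc.Text       = user.First_Name;
 }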
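        /// <summary>
        /// User account page. On the first (non-postback) load it requires a logged-in session —
        /// Session["email"], Session["AuthToken"] and an "AuthToken" cookie with the same value —
        /// and fills the profile controls from Service1.GetAccountByEmail. Anything else is sent to
        /// User_Login.aspx.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Page.IsPostBack)
            {
                return; // the form keeps its state across postbacks; only the first load fills it
            }

            bool hasSession = Session["email"] != null
                           && Session["AuthToken"] != null
                           && Request.Cookies["AuthToken"] != null;

            if (!hasSession)
            {
                // endResponse:false avoids ThreadAbortException; the page lifecycle continues, but
                // nothing further happens in this handler.
                Response.Redirect("User_Login.aspx", false);
                return;
            }

            if (!Session["AuthToken"].ToString().Equals(Request.Cookies["AuthToken"].Value))
            {
                // A session id presented without its login cookie: drop the session (the staff
                // pages already do this) rather than leaving it usable after the redirect.
                Session.Clear();
                Session.Abandon();
                Response.Redirect("User_Login.aspx", false);
                return;
            }

            email = (string)Session["email"];
            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            Account userObj = client.GetAccountByEmail(email);

            if (userObj == null)
            {
                // Account no longer exists: blank every field. The phone box was missing from the
                // original reset list and was left untouched.
                displayfname_lbl.Text     = String.Empty;
                displaylname_lbl.Text     = String.Empty;
                displayemail_lbl.Text     = String.Empty;
                displaydob_lbl.Text       = String.Empty;
                displayphone_tb.Text      = String.Empty;
                displayaddress1_tb.Text   = String.Empty;
                displayaddress2_tb.Text   = String.Empty;
                displaypostalcode_tb.Text = String.Empty;
                displaypoints_lbl.Text    = String.Empty;
                return;
            }

            // NOTE(review): Label.Text is not HTML-encoded by WebForms and these values are
            // user-entered — consider HttpUtility.HtmlEncode before display.
            displayfname_lbl.Text     = userObj.First_Name;
            displaylname_lbl.Text     = userObj.Last_Name;
            displayemail_lbl.Text     = userObj.Email;
            displaydob_lbl.Text       = userObj.Dob.ToString("dd/MM/yyyy");
            displayphone_tb.Text      = userObj.Hp;
            displayaddress1_tb.Text   = userObj.Address;
            // NOTE(review): both address boxes are bound to the same Address field — confirm
            // whether Account has a second address column that belongs here.
            displayaddress2_tb.Text   = userObj.Address;
            displaypostalcode_tb.Text = userObj.Postal_Code;
            displaypoints_lbl.Text    = userObj.Diamonds.ToString();
        }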
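        /// <summary>
        /// User login. Looks up the account for <paramref name="email"/>, recomputes the salted
        /// SHA-512 hash of <paramref name="pw"/> and, if it equals the stored hash, starts the session
        /// (Session["email"], Session["AuthToken"] + matching cookie) and redirects to User_Home.aspx.
        /// Every failure shows the same generic message.
        /// </summary>
        /// <param name="email">E-mail entered on the login form.</param>
        /// <param name="pw">Plaintext password entered on the login form.</param>
        protected void CheckAccount(string email, string pw)
        {
            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            Account userObj = client.GetAccountByEmail(email);

            // The old code read userObj.Password_Salt before its null check, so an unknown e-mail
            // crashed the page instead of reaching the "user not found" branch. Unknown user and
            // wrong password now share one message so the form does not reveal registered e-mails.
            if (userObj == null || pw == null)
            {
                lblMsg2.Text      = "User or password is invalid, please try again";
                lblMsg2.ForeColor = Color.Red;
                return;
            }

            string pwhash;
            using (SHA512Managed hashing = new SHA512Managed()) // HashAlgorithm is IDisposable
            {
                // Scheme shared with the other login pages: SHA-512(password || salt), Base64.
                byte[] hashWithSalt = hashing.ComputeHash(Encoding.UTF8.GetBytes(pw + userObj.Password_Salt));
                pwhash = Convert.ToBase64String(hashWithSalt);
            }

            if (!pwhash.Equals(userObj.Password))
            {
                lblMsg2.Text      = "User or password is invalid, please try again";
                lblMsg2.ForeColor = Color.Red;
                return;
            }

            Session["email"] = email;
            // Per-login random value held both in the session and in a cookie; page gates compare them.
            string guid = Guid.NewGuid().ToString();
            Session["AuthToken"] = guid;

            // HttpOnly: not readable by script. Secure follows the request scheme so HTTP test
            // deployments still work.
            Response.Cookies.Add(new HttpCookie("AuthToken", guid)
            {
                HttpOnly = true,
                Secure   = Request.IsSecureConnection
            });

            Response.Redirect("User_Home.aspx");
        }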
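        /// <summary>
        /// Fills the partner profile controls for the account whose e-mail is in Session["email"].
        /// </summary>
        /// <param name="userid">Unused — the account is resolved from the session, not from this
        /// value, so a caller cannot display another partner's profile. Kept for existing callers.</param>
        protected void displayPartnerProfile(string userid)
        {
            object sessionEmail = Session["email"];
            if (sessionEmail == null)
            {
                return; // not logged in: leave the controls empty instead of throwing
            }

            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            var partner = client.GetAccountByEmail(sessionEmail.ToString());
            if (partner == null)
            {
                return; // account removed since login; previously a NullReferenceException
            }

            // NOTE(review): Profile_Picture is concatenated straight into the image path. If it
            // can be user-controlled (e.g. an upload file name) it needs validation against
            // "../" and HTML-encoding — confirm where it is set. Label.Text is also rendered
            // unencoded by WebForms.
            profile_img.Attributes["src"] = "/Images/Profile_Pictures/" + partner.Profile_Picture;
            email_lb.Text   = partner.Email;
            fname_lb.Text   = partner.First_Name;
            lname_lb.Text   = partner.Last_Name;
            dob_lb.Text     = partner.Dob.ToString("dd/MM/yyyy");
            hp_lb.Text      = partner.Hp;
            postal_lb.Text  = partner.Postal_Code;
            address_lb.Text = partner.Address;
            created_lb.Text = partner.Account_Created.ToString();
        }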
 /// <summary>
 /// Staff page gate: requires Session["LoggedIn"], Session["AuthToken"] and an "AuthToken"
 /// cookie equal to the session token; anything else is redirected to Staff_Login.aspx.
 /// The account lookup result is not used by this page.
 /// </summary>
 protected void Page_Load(object sender, EventArgs e)
 {
     bool loggedIn = Session["LoggedIn"] != null
                  && Session["AuthToken"] != null
                  && Request.Cookies["AuthToken"] != null;

     // Response.Redirect(url) ends the response, so nothing after it executes.
     if (!loggedIn)
     {
         Response.Redirect("Staff_Login.aspx");
         return;
     }

     string sessionToken = Session["AuthToken"].ToString();
     string cookieToken  = Request.Cookies["AuthToken"].Value;
     if (!sessionToken.Equals(cookieToken))
     {
         Response.Redirect("Staff_Login.aspx");
         return;
     }

     // NOTE(review): the fetched account is discarded — either the page body was trimmed when
     // this was pasted, or the round trip can be removed.
     DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
     var user = client.GetAccountByEmail(Session["LoggedIn"].ToString());
 }
        /// <summary>
        /// User home page. Requires Session["email"], Session["AuthToken"] and an "AuthToken"
        /// cookie matching the session token, then greets the user by first name ("Welcome User"
        /// when the account cannot be loaded). Otherwise redirects to User_Login.aspx.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            string email = string.Empty;

            bool hasSession = Session["email"] != null
                           && Session["AuthToken"] != null
                           && Request.Cookies["AuthToken"] != null;

            if (!hasSession)
            {
                // endResponse:false — no ThreadAbortException; the page lifecycle still runs, but
                // this handler does nothing more.
                Response.Redirect("User_Login.aspx", false);
                return;
            }

            string sessionToken = Session["AuthToken"].ToString();
            string cookieToken  = Request.Cookies["AuthToken"].Value;
            if (!sessionToken.Equals(cookieToken))
            {
                Response.Redirect("User_Login.aspx", false);
                return;
            }

            email = (string)Session["email"];
            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            Account userObj = client.GetAccountByEmail(email);

            // NOTE(review): Label.Text is rendered unencoded by WebForms and First_Name is
            // user-entered — consider HttpUtility.HtmlEncode.
            Label1.Text = userObj != null
                ? "Welcome " + userObj.First_Name
                : "Welcome User";
        }
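 /// <summary>
 /// Partner page gate: requires Session["email"], Session["AuthToken"] and an "AuthToken"
 /// cookie matching the session token, then shows the partner's First_Name in lb_Company.
 /// Otherwise redirects to Partner_Login.aspx.
 /// </summary>
 protected void Page_Load(object sender, EventArgs e)
 {
     bool hasSession = Session["email"] != null
                    && Session["AuthToken"] != null
                    && Request.Cookies["AuthToken"] != null;

     if (!hasSession)
     {
         Response.Redirect("Partner_Login.aspx", false);
         return;
     }

     if (!Session["AuthToken"].ToString().Equals(Request.Cookies["AuthToken"].Value))
     {
         Response.Redirect("Partner_Login.aspx", false);
         return;
     }

     email = Session["email"].ToString();
     DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
     var partner = client.GetAccountByEmail(email);

     // An account deleted since login used to throw NullReferenceException here.
     if (partner == null)
     {
         lb_Company.Text = String.Empty;
         return;
     }

     // NOTE(review): Label.Text is rendered unencoded by WebForms and First_Name is
     // partner-entered — consider HttpUtility.HtmlEncode.
     lb_Company.Text = partner.First_Name;
 }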
        /// <summary>
        /// Points page. On the initial (non-postback) load, requires Session["email"],
        /// Session["AuthToken"] and an "AuthToken" cookie matching the session token, then shows
        /// the account's Diamonds balance in lb_points ("Your points: 0" when the account cannot
        /// be loaded). Otherwise redirects to User_Login.aspx.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Page.IsPostBack)
            {
                return; // populated once; postbacks keep the control state
            }

            bool hasSession = Session["email"] != null
                           && Session["AuthToken"] != null
                           && Request.Cookies["AuthToken"] != null;

            if (!hasSession)
            {
                Response.Redirect("User_Login.aspx", false);
                return;
            }

            string sessionToken = Session["AuthToken"].ToString();
            string cookieToken  = Request.Cookies["AuthToken"].Value;
            if (!sessionToken.Equals(cookieToken))
            {
                Response.Redirect("User_Login.aspx", false);
                return;
            }

            email = (string)Session["email"];
            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            var userObj = client.GetAccountByEmail(email);

            string points = userObj != null ? userObj.Diamonds.ToString() : "0";
            lb_points.Text = "Your points: " + points;
        }
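        /// <summary>
        /// Staff login handler. Checks run in this order: CAPTCHA, account existence, 30-minute
        /// suspension, salted SHA-512 password. Success records the attempt, writes
        /// Session["LoggedIn"], Session["Role"] and the per-login "AuthToken" (session + cookie),
        /// updates the last-login timestamp and redirects to Staff_Home.aspx.
        /// </summary>
        protected void Button1_Click(object sender, EventArgs e) // on login
        {
            // The CAPTCHA used to be evaluated after the password had already been verified and
            // CheckAttempts() called, so a bot failing the CAPTCHA still consumed (or reset) lockout
            // attempts and could read from the error text whether the password was right. Gate first.
            if (!ValidateCaptcha())
            {
                error_lb.Text = "Something went wrong, please refresh and try again.";
                return;
            }

            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            var user = client.GetAccountByEmail(email_tb.Text.Trim()); // staff account

            if (user == null)
            {
                error_lb.Text = "Invalid credentials"; // generic: do not reveal whether the e-mail exists
                return;
            }

            if (client.CheckSuspended(user.Email)) // lockout set by CheckAttempts after repeated failures
            {
                // NOTE(review): this message confirms the account exists, unlike the generic one above;
                // acceptable for a staff-only portal, but be aware of the difference.
                // Math.Round instead of Convert.ToInt16: the latter throws OverflowException once the
                // span exceeds Int16 minutes (~22 days).
                int span = 30 - (int)Math.Round(DateTime.Now.Subtract(Convert.ToDateTime(user.Locked_Since)).TotalMinutes);
                error_lb.Text = "Your account has been locked. Please wait " + span + " minutes before trying again.";
                return;
            }

            string hashedpw;
            using (SHA512Managed hashing = new SHA512Managed()) // HashAlgorithm is IDisposable
            {
                // Same scheme as the user/partner pages: SHA-512(password || salt), Base64.
                string saltedpw = password_tb.Text.Trim() + user.Password_Salt;
                hashedpw = Convert.ToBase64String(hashing.ComputeHash(Encoding.UTF8.GetBytes(saltedpw)));
            }

            if (hashedpw != user.Password)
            {
                client.CheckAttempts(user.Email, false); // one fewer attempt before lockout
                error_lb.Text = "Invalid credentials";
                return;
            }

            client.CheckAttempts(user.Email, true); // success resets the failed-attempt counter

            Session["LoggedIn"] = user.Email;
            Session["Role"]     = user.Type; // every staff page checks this on load

            string guid = Guid.NewGuid().ToString();
            Session["AuthToken"] = guid;

            // HttpOnly: not readable by script. Secure follows the request scheme so HTTP test
            // deployments still work.
            Response.Cookies.Add(new HttpCookie("AuthToken", guid)
            {
                HttpOnly = true,
                Secure   = Request.IsSecureConnection
            });
            client.UpdateLastLogin(user.Email);
            Response.Redirect("Staff_Home.aspx");
        }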
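        /// <summary>
        /// Staff "account details" page. Requires a staff session (Session["LoggedIn"], Session["Role"]
        /// == "Staff", Session["AuthToken"] and an "AuthToken" cookie matching the session token) and an
        /// "email" query-string parameter naming the account to show. Any failed session check tears the
        /// session down and redirects to Staff_Login.aspx; a missing or unknown e-mail goes back to
        /// Staff_Accounts_List.aspx.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            bool hasSession = Session["LoggedIn"] != null
                           && Session["Role"] != null
                           && Session["AuthToken"] != null
                           && Request.Cookies["AuthToken"] != null;

            if (!hasSession)
            {
                ForceStaffLogout();
                return;
            }

            if (!Session["AuthToken"].ToString().Equals(Request.Cookies["AuthToken"].Value))
            {
                ForceStaffLogout(); // session id presented without its login cookie
                return;
            }

            if (Session["Role"].ToString() != "Staff")
            {
                ForceStaffLogout(); // non-staff account on a staff URL
                return;
            }

            string selectedEmail = Request.QueryString["email"];
            if (String.IsNullOrEmpty(selectedEmail))
            {
                Response.Redirect("Staff_Accounts_List.aspx");
                return;
            }

            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            var user = client.GetAccountByEmail(selectedEmail);
            if (user == null)
            {
                // An unknown e-mail in the query string used to throw NullReferenceException.
                Response.Redirect("Staff_Accounts_List.aspx");
                return;
            }

            // NOTE(review): Label.Text is not HTML-encoded by WebForms and these fields are
            // user-entered — consider HttpUtility.HtmlEncode. Profile_Picture is joined straight
            // into a path; validate it where it is set.
            profile_img.Attributes["src"] = "/Images/Profile_Pictures/" + user.Profile_Picture;
            type_lb.Text    = user.Type;
            email_lb.Text   = user.Email;
            staffid_lb.Text = user.Staff_Id;
            fname_lb.Text   = user.First_Name;
            lname_lb.Text   = user.Last_Name;
            dob_lb.Text     = user.Dob.ToString("dd/MM/yyyy");
            hp_lb.Text      = user.Hp;
            postal_lb.Text  = user.Postal_Code;
            address_lb.Text = user.Address;
            created_lb.Text = user.Account_Created.ToString();
            login_lb.Text   = user.Last_Login.ToString();
            points_lb.Text  = user.Diamonds.ToString();

            if (user.Type.Trim() == "Staff")
            {
                // Staff accounts carry no points and cannot be password-reset from this page.
                resetpw_btn.Visible = false;
                diamonds_lb.Visible = false;
                points_lb.Visible   = false;
            }
            else
            {
                staffid_lb.Visible = false;
            }
        }

        /// <summary>
        /// Clears and abandons the session, expires the ASP.NET_SessionId and AuthToken cookies, and
        /// redirects to Staff_Login.aspx.
        /// </summary>
        /// <remarks>
        /// The cookies must be expired before the redirect. Response.Redirect(url) ends the response
        /// (Response.End aborts the request thread), so in the original code the cookie-clearing
        /// statements placed after it never executed and the browser kept both cookies.
        /// </remarks>
        private void ForceStaffLogout()
        {
            Session.Clear();
            Session.Abandon();
            Session.RemoveAll();

            if (Request.Cookies["ASP.NET_SessionId"] != null)
            {
                Response.Cookies["ASP.NET_SessionId"].Value   = string.Empty;
                Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(-20);
            }

            if (Request.Cookies["AuthToken"] != null)
            {
                Response.Cookies["AuthToken"].Value   = string.Empty;
                Response.Cookies["AuthToken"].Expires = DateTime.Now.AddMonths(-20);
            }

            Response.Redirect("Staff_Login.aspx");
        }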
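        /// <summary>
        /// Partner "change password" handler. Validates the three fields, checks the current password
        /// against the stored salted SHA-512 hash, requires the confirmation to match, enforces the
        /// strength regex, the "not one of the last three passwords" rule and a 5-minute minimum age,
        /// then stores the new hash via Service1.ChangePassword and logs the user out (session and
        /// cookies) so they must re-authenticate with the new password.
        /// </summary>
        protected void submit_btn_Click(object sender, EventArgs e)
        {
            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            error_lb.Text = "";

            if (String.IsNullOrWhiteSpace(current_tb.Text) || String.IsNullOrWhiteSpace(new_tb.Text) || String.IsNullOrWhiteSpace(new2_tb.Text))
            {
                error_lb.Text = "Please fill all fields. <br>";
                return;
            }

            // The session can expire between page load and submit; Session["email"].ToString() used to
            // throw in that case.
            object sessionEmail = Session["email"];
            if (sessionEmail == null)
            {
                error_lb.Text = "Your session has expired. Please log in again.";
                return;
            }

            var user = client.GetAccountByEmail(sessionEmail.ToString());
            if (user == null)
            {
                error_lb.Text = "Unable to change password. Please try again later.";
                return;
            }

            bool   pass = true;
            string salt = user.Password_Salt;
            string hashedpw;
            string hashednew;
            using (SHA512Managed hashing = new SHA512Managed()) // HashAlgorithm is IDisposable
            {
                // Both hashes use the account's existing salt — the scheme the login pages verify
                // against, and what makes the history comparison below possible.
                hashedpw  = Convert.ToBase64String(hashing.ComputeHash(Encoding.UTF8.GetBytes(current_tb.Text.Trim() + salt)));
                hashednew = Convert.ToBase64String(hashing.ComputeHash(Encoding.UTF8.GetBytes(new_tb.Text.Trim() + salt)));
            }

            if (hashedpw != user.Password)
            {
                error_lb.Text = error_lb.Text + "Incorrect password <br>";
                pass          = false;
            }

            // new2_tb was only checked for emptiness; assuming it is the confirmation box, its value
            // must equal the new password.
            if (new_tb.Text.Trim() != new2_tb.Text.Trim())
            {
                error_lb.Text = error_lb.Text + "Passwords do not match <br>";
                pass          = false;
            }

            if (hashednew == user.Password || hashednew == user.Password_Last || hashednew == user.Password_Last2)
            {
                error_lb.Text = error_lb.Text + "New password cannot be the same as current or previous 2 passwords <br>";
                pass          = false;
            }

            // NOTE(review): the pattern has no trailing '$', so anything after 8 valid characters is
            // accepted even if it falls outside the listed set — confirm that is intended.
            Regex pwRegex = new Regex(@"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]{8,}");
            if (!pwRegex.IsMatch(new_tb.Text.Trim()))
            {
                error_lb.Text = error_lb.Text + "Please input a password that fulfills all criteria <br>";
                pass          = false;
            }

            // Math.Round instead of Convert.ToInt16: the latter throws OverflowException once the
            // password is older than Int16 minutes (~22 days), which blocked every change after that.
            TimeSpan span         = DateTime.Now.Subtract(user.Password_Age);
            int      minutesSince = (int)Math.Round(span.TotalMinutes);
            if (minutesSince <= 5)
            {
                error_lb.Text = error_lb.Text + "You must wait " + (5 - minutesSince).ToString() + " more minutes to change your password <br>";
                pass          = false;
            }

            if (!pass)
            {
                return;
            }

            int result = client.ChangePassword(sessionEmail.ToString(), hashednew);
            if (result != 1)
            {
                error_lb.Text = "Unable to change password. Please try again later.";
                return;
            }

            // Force a fresh login with the new password. Cookies are expired BEFORE the redirect:
            // Response.Redirect(url) ends the response (Response.End aborts the request thread), so the
            // cookie-clearing statements that used to follow it never ran and the browser kept the
            // old session and auth cookies.
            Session.Clear();
            Session.Abandon();
            Session.RemoveAll();

            if (Request.Cookies["ASP.NET_SessionId"] != null)
            {
                Response.Cookies["ASP.NET_SessionId"].Value   = string.Empty;
                Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(-20);
            }

            if (Request.Cookies["AuthToken"] != null)
            {
                Response.Cookies["AuthToken"].Value   = string.Empty;
                Response.Cookies["AuthToken"].Expires = DateTime.Now.AddMonths(-20);
            }

            Response.Redirect("Partner_Home.aspx");
        }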
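        /// <summary>
        /// Staff "my profile" page. Requires a staff session (Session["LoggedIn"], Session["Role"] ==
        /// "Staff", Session["AuthToken"] and an "AuthToken" cookie matching the session token) and shows
        /// the logged-in staff account; anything else tears the session down and redirects to
        /// Staff_Login.aspx.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            bool hasSession = Session["LoggedIn"] != null
                           && Session["Role"] != null
                           && Session["AuthToken"] != null
                           && Request.Cookies["AuthToken"] != null;

            if (!hasSession)
            {
                ForceStaffLogout();
                return;
            }

            if (!Session["AuthToken"].ToString().Equals(Request.Cookies["AuthToken"].Value))
            {
                ForceStaffLogout(); // session id presented without its login cookie
                return;
            }

            if (Session["Role"].ToString() != "Staff")
            {
                ForceStaffLogout(); // non-staff account on a staff URL
                return;
            }

            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            var user = client.GetAccountByEmail(Session["LoggedIn"].ToString());
            if (user == null)
            {
                ForceStaffLogout(); // account removed since login; previously a NullReferenceException
                return;
            }

            // NOTE(review): Label.Text is not HTML-encoded by WebForms and these fields are
            // user-entered — consider HttpUtility.HtmlEncode. Profile_Picture is joined straight
            // into a path; validate it where it is set.
            profile_img.Attributes["src"] = "/Images/Profile_Pictures/" + user.Profile_Picture;
            email_lb.Text   = user.Email;
            staffid_lb.Text = user.Staff_Id;
            fname_lb.Text   = user.First_Name;
            lname_lb.Text   = user.Last_Name;
            dob_lb.Text     = user.Dob.ToString("dd/MM/yyyy");
            hp_lb.Text      = user.Hp;
            postal_lb.Text  = user.Postal_Code;
            address_lb.Text = user.Address;
            created_lb.Text = user.Account_Created.ToString();
            login_lb.Text   = user.Last_Login.ToString();
        }

        /// <summary>
        /// Clears and abandons the session, expires the ASP.NET_SessionId and AuthToken cookies, and
        /// redirects to Staff_Login.aspx.
        /// </summary>
        /// <remarks>
        /// The cookies must be expired before the redirect. Response.Redirect(url) ends the response
        /// (Response.End aborts the request thread), so in the original code the cookie-clearing
        /// statements placed after it never executed and the browser kept both cookies.
        /// </remarks>
        private void ForceStaffLogout()
        {
            Session.Clear();
            Session.Abandon();
            Session.RemoveAll();

            if (Request.Cookies["ASP.NET_SessionId"] != null)
            {
                Response.Cookies["ASP.NET_SessionId"].Value   = string.Empty;
                Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(-20);
            }

            if (Request.Cookies["AuthToken"] != null)
            {
                Response.Cookies["AuthToken"].Value   = string.Empty;
                Response.Cookies["AuthToken"].Expires = DateTime.Now.AddMonths(-20);
            }

            Response.Redirect("Staff_Login.aspx");
        }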
        /// <summary>
        /// Registration form validation. Appends one red message per problem to lbMsg — first and
        /// last name present, e-mail present and not already registered (Service1.GetAccountByEmail),
        /// password present, strong enough per checkPw, and equal to its confirmation — and returns
        /// true only when no message was appended.
        /// </summary>
        /// <returns>true when every check passed; false otherwise (lbMsg holds the reasons).</returns>
        private bool ValidateInput()
        {
            lbMsg.Text = String.Empty;

            // Records one reason; the return value is derived from whether anything was recorded.
            Action<string> fail = reason =>
            {
                lbMsg.Text     += reason + "<br/>";
                lbMsg.ForeColor = Color.Red;
            };

            string email = user_email_tb.Text;
            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();
            Account userObj = client.GetAccountByEmail(email);

            if (user_fname_tb.Text == "")
            {
                fail("First name is required");
            }
            if (user_lname_tb.Text == "")
            {
                fail("Last name is required");
            }

            if (user_email_tb.Text == "")
            {
                fail("Email is required");
            }
            else if (userObj != null && user_email_tb.Text.Equals(userObj.Email))
            {
                fail("User has already been registered");
            }

            if (user_password_tb.Text == "")
            {
                fail("Password is required");
            }
            else
            {
                if (checkPw(user_password_tb.Text) <= 4)
                {
                    fail("Please put a stronger password");
                }
                if (user_password_tb.Text != user_confirmpw_tb.Text)
                {
                    fail("Passwords do not match");
                }
            }

            return String.IsNullOrEmpty(lbMsg.Text);
        }
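        /// <summary>
        /// Staff dashboard. Requires a staff session (Session["LoggedIn"], Session["Role"] == "Staff",
        /// Session["AuthToken"] and an "AuthToken" cookie matching the session token); anything else
        /// tears the session down and redirects to Staff_Login.aspx. On success shows the pending-work
        /// counters and the gender chart.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            bool hasSession = Session["LoggedIn"] != null
                           && Session["Role"] != null
                           && Session["AuthToken"] != null
                           && Request.Cookies["AuthToken"] != null;

            if (!hasSession)
            {
                ForceStaffLogout();
                return;
            }

            if (!Session["AuthToken"].ToString().Equals(Request.Cookies["AuthToken"].Value))
            {
                ForceStaffLogout(); // session id presented without its login cookie
                return;
            }

            if (Session["Role"].ToString() != "Staff") // only staff may see the dashboard
            {
                ForceStaffLogout();
                return;
            }

            // The original also fetched the logged-in account here and discarded it; that round
            // trip is dropped.
            DBServiceReference.Service1Client client = new DBServiceReference.Service1Client();

            reports_lb.Text = client.CountUnresolvedReports().ToString();
            reviews_lb.Text = client.CountPendingReviews().ToString();
            gems_lb.Text    = client.CountPendingGems().ToString();

            // NOTE(review): chart data is hard-coded (25 female / 27 male) rather than read from
            // the service — presumably a placeholder; confirm.
            double[] yValues = { 25, 27 };
            string[] xValues = { "Female", "Male" };

            gender_chart.Series["gender"].Points.DataBindXY(xValues, yValues);

            gender_chart.Series["gender"].Points[0].Color = Color.PaleVioletRed;
            gender_chart.Series["gender"].Points[1].Color = Color.PaleTurquoise;
        }

        /// <summary>
        /// Clears and abandons the session, expires the ASP.NET_SessionId and AuthToken cookies, and
        /// redirects to Staff_Login.aspx.
        /// </summary>
        /// <remarks>
        /// The cookies must be expired before the redirect. Response.Redirect(url) ends the response
        /// (Response.End aborts the request thread), so in the original code the cookie-clearing
        /// statements placed after it never executed and the browser kept both cookies.
        /// </remarks>
        private void ForceStaffLogout()
        {
            Session.Clear();
            Session.Abandon();
            Session.RemoveAll();

            if (Request.Cookies["ASP.NET_SessionId"] != null)
            {
                Response.Cookies["ASP.NET_SessionId"].Value   = string.Empty;
                Response.Cookies["ASP.NET_SessionId"].Expires = DateTime.Now.AddMonths(-20);
            }

            if (Request.Cookies["AuthToken"] != null)
            {
                Response.Cookies["AuthToken"].Value   = string.Empty;
                Response.Cookies["AuthToken"].Expires = DateTime.Now.AddMonths(-20);
            }

            Response.Redirect("Staff_Login.aspx");
        }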