public static bool LoginFromCookie() { using (AuthLogic.Disable()) { try { var authCookie = System.Web.HttpContext.Current.Request.Cookies[CookieName]; if (authCookie == null || !authCookie.Value.HasText()) { return(false); //there is no cookie } string ticketText = authCookie.Value; UserEntity user = UserTicketLogic.UpdateTicket(GetDevice(), ref ticketText); AuthController.OnUserPreLogin(null, user); System.Web.HttpContext.Current.Response.Cookies.Add(new HttpCookie(CookieName, ticketText) { Expires = DateTime.UtcNow.Add(UserTicketLogic.ExpirationInterval), }); AuthController.AddUserSession(user); return(true); } catch { //Remove cookie HttpCookie cookie = new HttpCookie(CookieName) { Expires = DateTime.UtcNow.AddDays(-10) // or any other time in the past }; System.Web.HttpContext.Current.Response.Cookies.Set(cookie); return(false); } } }