How can I create persistent cookies in ASP.NET?


Here's how you can do that.

Writing the persistent cookie.

    //create a cookie
    HttpCookie myCookie = new HttpCookie("myCookie");

    //Add key-values in the cookie
    myCookie.Values.Add("userid", objUser.id.ToString());

    //set cookie expiry date-time. Made it to last for next 12 hours.
    myCookie.Expires = DateTime.Now.AddHours(12);

    //Most important, write the cookie to client.
    Response.Cookies.Add(myCookie);

Reading the persistent cookie.

    //Assuming user comes back after several hours. several < 12.
    //Read the cookie from Request.
    HttpCookie myCookie = Request.Cookies["myCookie"];
    if (myCookie == null)
    {
        //No cookie found or cookie expired.
        //Handle the situation here, Redirect the user or simply return;
        return;
    }

    //ok - cookie is found.
    //Gracefully check if the cookie has the key-value as expected.
    if (!string.IsNullOrEmpty(myCookie.Values["userid"]))
    {
        string userId = myCookie.Values["userid"].ToString();
        //Yes userId is found. Mission accomplished.
    }


Although the accepted answer is correct, it does not state why the original code failed to work.

Bad code from your question:

    HttpCookie userid = new HttpCookie("userid", objUser.id.ToString());
    userid.Expires.AddYears(1);
    Response.Cookies.Add(userid);

Take a look at the second line. The basis for expiration is on the Expires property which contains the default of 1/1/0001. The above code is evaluating to 1/1/0002. Furthermore the evaluation is not being saved back to the property. Instead the Expires property should be set with the basis on the current date.

Corrected code:

    HttpCookie userid = new HttpCookie("userid", objUser.id.ToString());
    userid.Expires = DateTime.Now.AddYears(1);
    Response.Cookies.Add(userid);


FWIW be very careful with storing something like a userid in a cookie unencrypted. Doing this makes your site very prone to cookie poisoning where users can easily impersonate another user. If you are considering something like this I would highly recommend using the forms authentication cookie directly.

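    bool persist = true;

    // Let forms authentication build the encrypted, persistent auth cookie.
    var cookie = FormsAuthentication.GetAuthCookie(loginUser.ContactId, persist);
    cookie.Expires = DateTime.Now.AddMonths(3);

    // Decrypt the ticket and rebuild it with extra user data; the version, name
    // and dates are carried over unchanged from the original ticket.
    var ticket = FormsAuthentication.Decrypt(cookie.Value);
    var userData = "store any string values you want inside the ticket extra than user id that will be encrypted";
    var newTicket = new FormsAuthenticationTicket(ticket.Version, ticket.Name,
        ticket.IssueDate, ticket.Expiration, ticket.IsPersistent, userData);

    // Re-encrypt the ticket and send the cookie to the client.
    cookie.Value = FormsAuthentication.Encrypt(newTicket);
    Response.Cookies.Add(cookie);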

Then you can read this at any time from an ASP.NET page by doing

    string userId = null;
    if (this.Context.User.Identity.IsAuthenticated)
    {
        userId = this.Context.User.Identity.Name;
    }
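
To show what integrity protection buys over a plain `userid` cookie, here is an added example (not code from any of the answers): a console program that attaches an HMAC to the cookie value and rejects edited or expired values. `SignedCookie`, `Protect`, `TryValidate` and the random key are assumptions made for illustration, and the value is signed but not encrypted.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

public static class SignedCookie
{
    // Added example (hypothetical names). Value format:
    // base64(userId|expiryTicksUtc) + "." + hex HMAC-SHA256 of the base64 part.
    public static string Protect(string userId, DateTime expiresUtc, byte[] key)
    {
        string payload = Convert.ToBase64String(Encoding.UTF8.GetBytes(userId + "|" + expiresUtc.Ticks));
        return payload + "." + Mac(payload, key);
    }

    public static bool TryValidate(string value, byte[] key, DateTime nowUtc, out string userId)
    {
        userId = null;
        string[] parts = (value ?? "").Split('.');
        if (parts.Length != 2 || !FixedTimeEquals(Mac(parts[0], key), parts[1]))
            return false; // edited or forged value
        // The MAC matched, so the payload is one this server produced.
        string text = Encoding.UTF8.GetString(Convert.FromBase64String(parts[0]));
        int sep = text.LastIndexOf('|');
        long ticks;
        if (sep < 0 || !long.TryParse(text.Substring(sep + 1), out ticks) || nowUtc.Ticks > ticks)
            return false; // malformed or expired
        userId = text.Substring(0, sep);
        return true;
    }

    static string Mac(string payload, byte[] key)
    {
        using (var hmac = new HMACSHA256(key))
            return BitConverter.ToString(hmac.ComputeHash(Encoding.UTF8.GetBytes(payload)));
    }
    // Compare every character so timing does not reveal where the values differ.
    static bool FixedTimeEquals(string a, string b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    public static void Main()
    {
        byte[] key = new byte[32]; // constructed sample key, generated per run
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key);
        string user, issued = Protect("1001", DateTime.UtcNow.AddHours(12), key);
        // Constructed tampering: a different user id paired with the old MAC.
        string forged = Convert.ToBase64String(Encoding.UTF8.GetBytes("1|" + DateTime.MaxValue.Ticks))
                        + issued.Substring(issued.IndexOf('.'));
        Console.WriteLine(TryValidate(issued, key, DateTime.UtcNow, out user) + " " + user);
        Console.WriteLine(TryValidate(forged, key, DateTime.UtcNow, out user));
        Console.WriteLine(TryValidate(issued, key, DateTime.UtcNow.AddHours(13), out user));
    }
}
```

The forms authentication ticket shown in the last answer performs this kind of validation, plus encryption, under its default protection setting, so the sketch only makes the mechanism visible.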