p2p.wrox.com Forums

p2p.wrox.com Forums (http://p2p.wrox.com/index.php)
-   ASP.NET 3.5 Basics (http://p2p.wrox.com/forumdisplay.php?f=351)
-   -   How to add an expiry date to Asp.net Membership cookie? (http://p2p.wrox.com/showthread.php?t=75761)

chobo2 August 17th, 2009 09:08 PM

How to add an expiry date to Asp.net Membership cookie?
 
Hi

I want to make a remember me function for my site.

I believe if i use

FormsAuthentication.SetAuthCookie("userName", true);

this would do what I want right? But I want to make it a 2 week season not till they clear it what I believe this line would do.

I am not using any of the severside controls from asp.net since I am using asp.net mvc. Also even some of membership methods such as verify() and Create() I have made my own since they did not meet my needs.


I tried to grab the .ASPXAUTH but I don't know if changing the expiry date will do what I want. Or if it will even let me.


Thanks

Lee Dumond August 17th, 2009 10:14 PM

You need to set the expiration date of the cookie. You can do that in the web.config.

Code:

<system.web>
  <authentication mode="Forms">
    <forms loginUrl="Login.aspx"
          protection="All"
          timeout="20160"
          name=".ASPXAUTH"
          path="/"
          requireSSL="false"
          slidingExpiration="false"
          defaultUrl="default.aspx"
          cookieless="UseDeviceProfile"
          enableCrossAppRedirects="false" />
  </authentication>
</system.web>

Here, the timeout is set to 20,160 minutes, which is 2 weeks. Whenever the cookie is set with a second parameter of true, this will set a persistent cookie with an expiration time of exactly two weeks from the time it was set.

chobo2 August 17th, 2009 10:48 PM

Quote:

Originally Posted by Lee Dumond (Post 245421)
You need to set the expiration date of the cookie. You can do that in the web.config.

Code:

<system.web>
  <authentication mode="Forms">
    <forms loginUrl="Login.aspx"
          protection="All"
          timeout="20160"
          name=".ASPXAUTH"
          path="/"
          requireSSL="false"
          slidingExpiration="false"
          defaultUrl="default.aspx"
          cookieless="UseDeviceProfile"
          enableCrossAppRedirects="false" />
  </authentication>
</system.web>

Here, the timeout is set to 20,160 minutes, which is 2 weeks. Whenever the cookie is set with a second parameter of true, this will set a persistent cookie with an expiration time of exactly two weeks from the time it was set.

but according to this site
http://weblogs.asp.net/scottgu/archi...08/430011.aspx

everytime they come to the site it gets rest. That means if they keep coming every day it keeps getting extended.

Lee Dumond August 17th, 2009 10:54 PM

Yes, it will be reset upon every request by default, because by default, slidingExpiration="true".

That's why I set slidingExpiration="false" in the example I posted. When you set this to "false", the expiration will not be reset.

chobo2 August 17th, 2009 10:57 PM

Quote:

Originally Posted by Lee Dumond (Post 245423)
Yes, it will be reset upon every request by default, because by default, slidingExpiration="true".

That's why I set slidingExpiration="false" in the example I posted. When you set this to "false", the expiration will not be reset.

Ah ok. So I guess if I don't check the box(ie turn CookieAuth to false) then it is by session.

Lee Dumond August 17th, 2009 11:01 PM

Yes, that is correct.

chobo2 August 19th, 2009 04:10 PM

thanks it seems to have worked. I have not had tons of time to fully test it out and stuff and it might be a while. If something changes I will be back asking again [:D]


All times are GMT -4. The time now is 08:43 AM.

Powered by vBulletin®
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
© 2013 John Wiley & Sons, Inc.