Reputation:
How to Extend Cookie expiry in .Net Web API HttpActionContext
I'm implementing Angular Project the Service Side I'm using .NET Web API. The Web API is a Stateless, so I'm using Cookie to maintain the Authentication. AuthLogin Controller Checks the Credential is correct, If it is TRUE then it create the Cookie and pass the cookie via HTTP Response. Additionally I added ActionFilterAttribute to validate the User. If any request the Web API received then it triggers the ActionFilterAttribute before entering into the Controller. Their I'm checking, the Request is containing any Cookie and it checks it with the database. Once the Cookie is validated I need to extend the cookie expiry to 30 mins.
My Web API Controller Methods
[HttpPost]
public HttpResponseMessage AuthLogin()
{
serverCookie = new CookieHeaderValue
("Test", "Super");
serverCookie.Expires = DateTimeOffset.Now.AddMinutes(15);
serverCookie.Domain = Request.RequestUri.Host;
serverCookie.Path = "/";
HttpResponseMessage response = Request.CreateResponse(_credential.Item2 ? HttpStatusCode.OK : HttpStatusCode.Unauthorized);
response.Headers.AddCookies(new CookieHeaderValue[] { serverCookie });
return response;
}
[HttpPost]
[Authenticate]
public string SecurePost()
{
return "Success";
}
The ActionFilterAttribute C# Code:
public class AuthenticateAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext actionContext)
{
Debug.WriteLine("Cookie Life Time Extended Successfully to 30 Mins.");
}
}
My Requirement is to extended the life span of Cookie to 30 Mins and send the information along with the return value. Kindly assist me in this regards.
Upvotes: 2
Views: 4321
Answers (2)
Reputation: 10125
I was able to extent cookie expiry time in MVC application
HttpCookie cookie = Request.Cookies["MyCookie"];
if (cookie!+null && !cookie.Value.IsEmpty())
{
// Update the cookie expiration
cookie.Expires = DateTime.Now.AddMinutes(Convert.ToInt32(1));
Response.Cookies.Set(cookie);//Request.Cookies.Set(cookie);
}
else
{
}
Upvotes: 2
Reputation: 6337
The HTTP protocol never sends cookie expiration time to the server. So you can not extend cookie expiration time.
Browser will send only cookie name and value to the server. All the other properties like expires, domain, path, httponly can not be accessed once the cookie has been set.
When you assign a Cookie in the response a SetCookie header gets added to the output and that will contain not only the value but also the path and the expires value.
But when the client browser sends the cookie back to the server, it simply includes the cookie name and value only and It does not send path or expires info.
Upvotes: 0
Related Questions
- How do I turn a C# object into a JSON string in .NET?
- How to escape braces (curly brackets) in a format string in .NET
- How do I get ASP.NET Web API to return JSON instead of XML using Chrome?
- Why is it common to put CSRF prevention tokens in cookies?
- Set cookies for cross origin requests
- How do I set/unset a cookie with jQuery?
- Returning http status code from Web Api controller
- Web API Put Request generates an Http 405 Method Not Allowed error
- Web API: Action Filter gets ClientId given ApiKey, but how to get ClientID in Controller classes?