Freenzy
Reputation: 41
Blazor Server Side - Cookie Authentication - check cookie expiration date
I use Cookie Authentication in a Blazor server side application. Is there a way to check whether cookie has expired?
I've tried to get cookie expiration date with HttpContextAccessor but there's only an encrypted value of a cookie.
Upvotes: 0
Views: 1499
Answers (1)
Joseph Sible-Reinstate Monica
Reputation: 48612
You shouldn't be checking cookie expiration on the server. A legitimate client will remove the cookie itself when it expires, and a rogue client can lie about the expiration. If you want to expire a login token or something, you need to handle it completely separately from the expiration of the cookie itself for it to be secure.
Upvotes: 2
Related Questions
- Creating and Reading Cookies on Blazor Server Side
- How to set consent cookie in Blazor Server
- How do I create a cookie client side using blazor
- Blazor Server Side - How to use RevalidatingServerAuthenticationStateProvider to keep checking token expiry?
- Blazor Web Assembly (wasm) won't expire client side cookie until page is refreshed
- Blazor - Server Side - Cookie Authentication
- Client side Blazor authentication token expired on server side
- Blazor server side - Is there any way to get a Cookie value during the initialization?
- ASP.NET Core with Blazor: Cannot figure out cookie authentification
- How to detect cookie expiration in AngularJS?