Reputation: 5729
Create And Delete Cookies Not quite working?
I'm trying to create my one custom Validation class, for logging users in and out. however. When i log out, the Verafy Bool does not return false. (The cookie is not deleted)
What am i doing wrong? And is there anything i should be doing differently?
Hope you can help!
public static class Security
{
private static HttpCookie cookie = HttpContext.Current.Request.Cookies["Login"];
//Tells weather you are logged in or not
public static bool Verafy {
get
{
if (cookie != null)
return true;
else
return false;
}
}
//Removes cookie, (doesn't work!)
public static void signOut()
{
cookie = new HttpCookie("Login");
cookie.Expires = DateTime.Now.AddDays(-1);
HttpContext.Current.Response.Cookies.Add(cookie);
}
//Creates a cookie for x days.
public static void SignIn(int Days)
{
cookie = new HttpCookie("Login");
cookie.Name = "Login";
cookie.Expires.AddDays(Days);
HttpContext.Current.Response.Cookies.Add(cookie);
}
//This is just temporarily..
public static bool VerafyUser(string Username, string Password)
{
if (Username == "123" && Password == "123")
{
return true;
}
else
{
return false;
}
}
}
Upvotes: 0
Views: 244
Answers (2)
Reputation: 82136
I think you have taken the wrong approach here by storing a static variable for your cookie. As you never set the reference to null your property will never return false.
Get rid of the static field and have your property actually check if the cookie exists e.g.
public bool LoggedIn
{
get { return HttpContext.Current.Request.Cookies["Login"] != null; }
}
Upvotes: 0
Reputation: 3227
You have static field for cookie here, so it will be shared between all users of your app, dude! If someone else logged in after you leave the app, cookie will be restored.
Read the article http://mikehadlow.blogspot.com/2008/03/forms-authentication-with-mvc-framework.html. Should help.
Upvotes: 1