I am storing user details with form authentication cookie.
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, userName,DateTime.Now,DateTime.Now.AddMinutes(Timeout)false};
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie authCookie = new HttpCookie(
FormsAuthentication.FormsCookieName,encryptedTicket);
HttpContext.Current.Response.Cookies.Add(authCookie);
How can I get back the added cookie and user detail (authTicket)?
The FormsAuthenticationTicket class is used to create an object that represents the authentication ticket that is used by forms authentication to identify an authenticated user.
Form Authentication is a token-based system. When users log in, they receive a token with user information that is stored in an encrypted cookie. When a user requests an ASP.NET page via the browser, the ASP.NET verifies whether the form authentication token is available.
To configure forms authentication by using the UIOpen IIS Manager and navigate to the level you want to manage. In Features View, double-click Authentication. On the Authentication page, select Forms Authentication. In the Actions pane, click Enable to use Forms authentication with the default settings.
Forms authentication enables user and password validation for Web applications that do not require Windows authentication. With forms authentication, user information is stored in an external data source, such as a Membership database, or in the configuration file for an application.
You can retrieve the FormsAuthenticationTicket
using code similar to the following:
// Retrieves the cookie that contains your custom FormsAuthenticationTicket.
HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
// Decrypts the FormsAuthenticationTicket that is held in the cookie's .Value property.
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
// The "authTicket" variable now contains your original, custom FormsAuthenticationTicket,
// complete with User-specific custom data. You can then check that the FormsAuthenticationTicket's
// .Name property is for the correct user, and perform the relevant functions with the ticket.
// Here, we simply write the user-specific data to the Http Response stream.
if (authTicket.Name == txtUserName.Text)
{
Response.Write(authTicket.UserData);
}
The above code makes reference to things like txtUserName.Text
, so here's a complete .ASPX page that you can paste into an empty ASP.NET webform to see how it works:
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
protected void Page_Load(object sender, EventArgs e)
{
double Timeout = 15.00;
if (!IsPostBack)
{
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,txtUserName.Text,
DateTime.Now,DateTime.Now.AddMinutes(Timeout), false, "This is my secret user-specific data");
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName,encryptedTicket);
HttpContext.Current.Response.Cookies.Add(authCookie);
}
else
{
// Retrieves the cookie that contains your custom FormsAuthenticationTicket.
HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
// Decrypts the FormsAuthenticationTicket that is held in the cookie's .Value property.
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
// The "authTicket" variable now contains your original, custom FormsAuthenticationTicket,
// complete with User-specific custom data. You can then check that the FormsAuthenticationTicket's
// .Name property is for the correct user, and perform the relevant functions with the ticket.
// Here, we simply write the user-specific data to the Http Response stream.
if (authTicket.Name == txtUserName.Text)
{
Response.Write(authTicket.UserData);
}
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Forms Authentication Login</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<table>
<tr>
<td>
UserName:
</td>
<td>
<asp:TextBox ID="txtUserName" runat="server"></asp:TextBox>
</td>
</tr>
<tr>
<td>
Password:
</td>
<td>
<asp:TextBox ID="txtPassword" runat="server"></asp:TextBox>
</td>
</tr>
<tr>
<td>
<asp:Button ID="Button1" runat="server" Text="Login" />
</td>
</tr>
</table>
</div>
</form>
</body>
</html>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With