Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How can I send a cookie from a Web.Api controller method

Tags:

I have a Web.Api service which has a method that accepts a custom class and returns another custom class:

public class TestController : ApiController {     public CustomResponse Post([FromBody]CustomRequest request)     {         // process request         ...         // create response         CustomResponse resp = new CustomResponse() { ... };         return resp;     } } 

Now I want to also send a cookie back as part of the Http response. How can I do that?

like image 577
user1429080 Avatar asked May 31 '13 09:05

user1429080


People also ask

How do you send cookies in API?

Use the RequestHeader action filtering by "cookie" to get your cookie and do a List append to the header so you can send it in the call you are doing.

How do I send a cookie request in HTTP?

To send cookies to the server, you need to add the "Cookie: name=value" header to your request. To send multiple Cookies in one cookie header, you can separate them with semicolons. In this Send Cookies example, we are sending HTTP cookies to the ReqBin echo URL.

Can an API response set cookies?

To set a cookie in REST API response, get the Response reference and use it's cookie() method.

How do I add cookies to a web API response?

Cookies in Web API. To add a cookie to an HTTP response, create a CookieHeaderValue instance that represents the cookie. Then call the AddCookies extension method, which is defined in the System.Net.Http.

What are the alternatives to Cookie authentication for web API security?

There are better alternatives for Web API security such as Json Web Tokens (JWT) that you can use instead of cookie authentication. However, if for some reason you want to implement cookie authentication for Web API you can use the technique illustrated in the remainder of this article.

Do I need to implement cookies in my Web application?

If you are building a web application then you probably have reached the point where there’s the need to implement cookies. If you haven’t, you will! This article is accompanied by a working code example on GitHub .

How does a client send cookies to the server?

The client sends a request to the server with the user’s credentials. The server authenticates the user, creates a cookie with a user id encoded, and sets it in the response header. The header Set-Cookie in the HTTP response would look like this: Once the browser gets the cookie, it can send the cookie back to the server.


1 Answers

I managed to do this by combining information from a few different locations. First, in order to easily be able to send cookies in the response, the Web.Api controller should return an instance of the System.Net.Http.HttpResponseMessage class (link):

public class TestController : ApiController {     public HttpResponseMessage Post([FromBody]CustomRequest request)     {         var resp = new HttpResponseMessage();         ...          //create and set cookie in response         var cookie = new CookieHeaderValue("customCookie", "cookieVal");         cookie.Expires = DateTimeOffset.Now.AddDays(1);         cookie.Domain = Request.RequestUri.Host;         cookie.Path = "/";         resp.Headers.AddCookies(new CookieHeaderValue[] { cookie });          return resp;     } } 

But then how do I make sure that I can easily ALSO send back the CustomResponse?

The trick is in the answer to this question. Use the Request.CreateResponse<T> method on the request object. The whole deal then becomes:

public class TestController : ApiController {     public HttpResponseMessage Post([FromBody]CustomRequest request)     {         // process request         ...          var resp = Request.CreateResponse<CustomResponse>(             HttpStatusCode.OK,             new CustomResponse() { ... }         );          //create and set cookie in response         var cookie = new CookieHeaderValue("customCookie", "cookieVal");         cookie.Expires = DateTimeOffset.Now.AddDays(1);         cookie.Domain = Request.RequestUri.Host;         cookie.Path = "/";         resp.Headers.AddCookies(new CookieHeaderValue[] { cookie });          return resp;     } } 
like image 78
user1429080 Avatar answered Sep 28 '22 02:09

user1429080