 

How to Delete Authentication Cookie

I am developing an ASP.NET MVC application. I made some changes to save some extra info in the cookie in the latest version. A few of my customers are still running the old version. Is there any way to expire the existing cookies of my existing customers and force them to log on again when they connect to my new application hosted in IIS?

Thanks,

Anand asked Jan 12 '12 13:01



3 Answers

You could use the SignOut static method:

FormsAuthentication.SignOut();

This will remove the authentication cookie and on subsequent requests the user will not be authenticated. I stressed the word subsequent because after calling this method you should redirect.

Darin Dimitrov answered Oct 04 '22 02:10


I am giving a newer name to my cookie in web.config, and this seems to solve my problem:

 <forms loginUrl="~/Account/LogOn" name="InsightWebMobileCookie2" timeout="10000" slidingExpiration="true" />

Anand answered Oct 04 '22 00:10


The problem here is you cannot read the cookie expiration date so you don't know from the cookie who the old users are.

So your options are:

  1. If you can figure out who is from the 'old' version - have logic to expire their cookie.
  2. Force everyone to log out once if they don't have a cookie named "VersionLogout". Once you force their logout, set a cookie named "VersionLogout" with a value of 1.2 for example; this way you know you've forced their logout for a particular version and they (going forward) won't be prompted again.

You would put that code in an Application_AuthenticateRequest event in the global.asax. At this point a user has been authenticated, so you can check their cookie there.

Adam Tuliper answered Oct 04 '22 02:10
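
A sketch of the one-time forced logout described in the last answer, combined with the sign-out-then-redirect point from the first. It is an added example, not code posted by any of the answerers; the class name `MvcApplication` and the constant names are assumptions, and "1.2" is the sample version value from the answer.

```csharp
using System;
using System.Web;
using System.Web.Security;

// Global.asax.cs (class name assumed; use the one your Global.asax inherits from)
public class MvcApplication : HttpApplication
{
    // Marker cookie name and sample value taken from the answer above.
    private const string MarkerCookieName = "VersionLogout";
    private const string CurrentVersion = "1.2";

    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        // Only signed-in users can be carrying a ticket issued by the old version.
        if (Context.User == null || !Context.User.Identity.IsAuthenticated)
            return;

        // Already forced out once for this version: nothing to do.
        HttpCookie marker = Request.Cookies[MarkerCookieName];
        if (marker != null && marker.Value == CurrentVersion)
            return;

        // Expire the forms-authentication cookie in the response.
        FormsAuthentication.SignOut();

        // Remember that this browser has been through the forced logout.
        Response.Cookies.Add(new HttpCookie(MarkerCookieName, CurrentVersion)
        {
            HttpOnly = true,
            Secure = FormsAuthentication.RequireSSL,
            Expires = DateTime.Now.AddYears(1)
        });

        // SignOut only takes effect on subsequent requests, so finish this one
        // with a redirect. RedirectToLoginPage does not end the request itself.
        FormsAuthentication.RedirectToLoginPage();
        CompleteRequest();
    }
}
```

The marker cookie is a client-supplied value, so treat this as a convenience for moving users onto the new cookie contents, not as a guarantee that every old ticket is gone.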