When a project keeps its state information in Session, session time-outs occur often. To keep the state alive for as long as the application needs, the underlying layer stores the state information in a FormsAuthenticationTicket instead. The reference code is as follows:
The cookies used are encrypted.
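//-----------------------------------------------------------------------
// <copyright file="TicketTool.cs" company="Hairihan, Ltd.">
//     Copyright (c), All rights reserved.
// </copyright>
//-----------------------------------------------------------------------

using System;
using System.Security.Cryptography;
using System.Web;
using System.Web.Script.Serialization;
using System.Web.Security;
using System.Web.UI;

// NOTE(review): the published listing had its identifier casing and spacing mangled;
// namespace, type and member casing below is restored by convention - confirm against the project.
namespace Infrastructure
{
    using DotNet.Utilities;

    /// <summary>
    /// Ticket tool: stores the logged-in user's state in a forms-authentication
    /// ticket carried by a cookie, and reads it back.
    ///
    /// Change log
    ///
    /// 2015-03-17 Version: 1.0 Songbiao created the file.
    ///
    /// <author>
    ///     <name>Songbiao</name>
    ///     <date>2015-03-17</date>
    /// </author>
    /// </summary>
    public class TicketTool
    {
        /// <summary>
        /// Creates a ticket and places it in a cookie.
        /// The ticket is passed through <see cref="FormsAuthentication.Encrypt"/> before it is
        /// written, so the cookie value is not readable by the client.
        /// </summary>
        /// <param name="userInfo">Logged-in user.</param>
        /// <param name="issueDateTime">Issue time; defaults to the current time.</param>
        /// <param name="experation">Expiry time; defaults to 16 hours from now.</param>
        /// <param name="isPersistent">Whether the cookie outlives the browser session.</param>
        /// <exception cref="ArgumentNullException"><paramref name="userInfo"/> is null.</exception>
        public static void SetCookie(BaseUserInfo userInfo, DateTime? issueDateTime = null, DateTime? experation = null, bool isPersistent = true)
        {
            // Fail before touching shared state instead of with a NullReferenceException afterwards.
            if (userInfo == null)
            {
                throw new ArgumentNullException("userInfo");
            }

            DateTime issuedAt = issueDateTime ?? DateTime.Now;
            // Cookie lifetime defaults to 16 hours.
            DateTime expiresAt = experation ?? DateTime.Now.AddHours(16);

            // NOTE(review): BaseSystemInfo.UserInfo looks like process-wide static state; if it is,
            // concurrent logins can overwrite each other between this assignment and Serialize - confirm.
            BaseSystemInfo.UserInfo = userInfo;

            // NOTE(review): the service user name and password are copied into the ticket's UserData,
            // so they travel to the browser inside the cookie. The ticket is encrypted, but whoever holds
            // the machine key, or any code path that echoes UserData, recovers them. Prefer keeping
            // service credentials server-side and storing only an identifier in the ticket.
            BaseSystemInfo.UserInfo.ServicePassword = BaseSystemInfo.ServicePassword;
            BaseSystemInfo.UserInfo.ServiceUserName = BaseSystemInfo.ServiceUserName;
            BaseSystemInfo.UserInfo.SystemCode = BaseSystemInfo.SystemCode;

            JavaScriptSerializer serializer = new JavaScriptSerializer();
            string userData = serializer.Serialize(BaseSystemInfo.UserInfo);

            // Build the ticket: user name, issue time, expiry time, persistence flag and user data.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,
                userInfo.NickName,
                issuedAt,
                expiresAt,
                isPersistent,
                userData,
                FormsAuthentication.FormsCookiePath);

            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));

            // Only a persistent ticket gets an Expires date; without one the browser drops the cookie
            // when the session ends, which is what isPersistent = false asks for.
            if (isPersistent)
            {
                cookie.Expires = expiresAt;
            }

            // Keep client script away from the cookie [default = false].
            cookie.HttpOnly = true;
            // Follow the <forms requireSSL="..."> setting so the cookie is never sent over plain HTTP
            // when the site is configured for TLS only.
            cookie.Secure = FormsAuthentication.RequireSSL;
            // One path for the whole site, so every page can read the cookie.
            cookie.Path = "/";
            // Setting a parent domain shares the cookie with every host under that domain,
            // including any less trusted one; leave it unset unless that is required.
            // cookie.Domain = "zt-express.com";

            HttpContext.Current.Response.AppendCookie(cookie);
        }

        /// <summary>
        /// Gets the logged-in user's information from the ticket cookie of the current request.
        /// </summary>
        /// <returns>
        /// The deserialized user, or null when the cookie is missing, cannot be decrypted,
        /// or carries an expired ticket.
        /// </returns>
        public static BaseUserInfo GetUserInfo()
        {
            HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
            FormsAuthenticationTicket authTicket = DecryptTicket(authCookie);

            // Decrypt does not check the expiry time itself, so an old cookie must be refused here.
            if (authTicket == null || authTicket.Expired)
            {
                return null;
            }

            // No type resolver is configured, so the JSON cannot choose which type gets instantiated.
            JavaScriptSerializer serializer = new JavaScriptSerializer();
            return serializer.Deserialize<BaseUserInfo>(authTicket.UserData);
        }

        /// <summary>
        /// Use this method to determine whether the current request is logged in.
        /// </summary>
        /// <returns>True when the current identity is authenticated.</returns>
        public static bool IsLogin()
        {
            return HttpContext.Current.User.Identity.IsAuthenticated;
        }

        /// <summary>
        /// Signs out.
        /// </summary>
        public static void Logout()
        {
            // SignOut expires the cookie on FormsAuthentication.FormsCookiePath, while SetCookie writes
            // it on "/"; the two match only while the configured path is "/". The ticket is not revoked
            // on the server, so a copied cookie value stays valid until the ticket expires.
            FormsAuthentication.SignOut();
        }

        /// <summary>
        /// Gets the login user name.
        /// </summary>
        /// <returns>The name of the current identity.</returns>
        public static string GetUserName()
        {
            return HttpContext.Current.User.Identity.Name;
        }

        /// <summary>
        /// Gets the user data stored in the ticket of the current identity.
        /// </summary>
        /// <returns>The ticket's user data, or an empty string when the identity is not a forms identity.</returns>
        public static string GetUserData()
        {
            FormsIdentity formsIdentity = HttpContext.Current.User.Identity as FormsIdentity;
            if (formsIdentity == null)
            {
                return string.Empty;
            }

            return formsIdentity.Ticket.UserData;
        }

        /// <summary>
        /// Gets the lifetime of the forms-authentication ticket.
        /// </summary>
        /// <param name="page">Page whose request carries the cookie.</param>
        /// <returns>Minutes between the ticket's issue and expiry times, or -1 when there is no usable ticket.</returns>
        public static double GetFormTimeout(Page page)
        {
            // If no user is logged in, the cookie is null.
            FormsAuthenticationTicket ticket = DecryptTicket(page.Request.Cookies[FormsAuthentication.FormsCookieName]);
            if (ticket == null)
            {
                return -1;
            }

            return (ticket.Expiration - ticket.IssueDate).TotalMinutes;
        }

        /// <summary>
        /// Gets how much time is left before the ticket expires.
        /// </summary>
        /// <param name="page">Page whose request carries the cookie.</param>
        /// <returns>Milliseconds until expiry, or -1 when there is no usable or unexpired ticket.</returns>
        public static double GetTotalLeftFormTimeout(Page page)
        {
            // If no user is logged in, the cookie is null.
            FormsAuthenticationTicket ticket = DecryptTicket(page.Request.Cookies[FormsAuthentication.FormsCookieName]);
            if (ticket == null || ticket.Expiration <= DateTime.Now)
            {
                return -1;
            }

            return (ticket.Expiration - DateTime.Now).TotalMilliseconds;
        }

        // Decrypts the ticket in a cookie; returns null for a missing, empty or undecryptable cookie.
        private static FormsAuthenticationTicket DecryptTicket(HttpCookie cookie)
        {
            if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            {
                return null;
            }

            // The cookie value is client-controlled: a malformed or tampered value must read as
            // "not logged in" rather than surface as an unhandled exception.
            try
            {
                return FormsAuthentication.Decrypt(cookie.Value);
            }
            catch (ArgumentException)
            {
                return null;
            }
            catch (HttpException)
            {
                return null;
            }
            catch (CryptographicException)
            {
                return null;
            }
        }
    }
}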
Add the following to Web.config:
<authentication mode="Forms">
  <forms name="hrhsecurity" loginUrl="~/account/login" timeout="2880" />
</authentication>
Encrypted cookie information that is passed
Common rights management system underlying state-saving ticket tool