MVC3 does not accept cookies

I just started my first MVC3 app and everything works fine except for cookie authorization. When a user visits my site and registers, I set a cookie.ASPAUTH with information about that user. It works well until some time passes. Then I need to log in again even though the cookie is in the browser and I see that it expires after a year. It works fine on my localhost. It seems to me that instead of setting my information to a cookie, it is somehow in session, but even if I restart my computer for an hour, I still log in. But if I don't go online after 1 hour, I am logged out.

Thanks for any help.

FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                string.Format("{0};{1};{2}", requestedUser.IDUser.ToString(), requestedUser.IsAdmin.ToString(), profilePicture));

            string encryptedTicket = FormsAuthentication.Encrypt(ticket);
            HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
            cookie.Expires = keepLogged == "keepLogged" ? DateTime.Now.AddYears(1) : DateTime.Now.AddHours(1);

            return RedirectToAction("Index", "Posts");



source to share

1 answer

You need to set the machine key in your web.config file like this:

 <machineKey validationKey="4B79DF965DC586D2B267BDECB4580D40EE6811EE171AC65D929BECD8865C09ED8681B92F2177FE9F72B8E822B26914C79C1FF590CCEE65469CBC6FACD7D9F203" decryptionKey="CF39BCCD33BC38D17A704DFEB85AD9C5F265669FCD6AB54C" validation="SHA1" />


You can use this tool, but you have to paste it into web.config.

Every time the application pool is restarted, the application is restarted and if it is not set in web.config a new machine key is automatically generated. The FormsAuthentication cookie is hashed with this machine key and every time it changes the cookie becomes invalid



All Articles