MVC3 does not accept cookies
I just started my first MVC3 app and everything works fine except for cookie authorization. When a user visits my site and registers, I set a cookie.ASPAUTH with information about that user. It works well until some time passes. Then I need to log in again even though the cookie is in the browser and I see that it expires after a year. It works fine on my localhost. It seems to me that instead of setting my information to a cookie, it is somehow in session, but even if I restart my computer for an hour, I still log in. But if I don't go online after 1 hour, I am logged out.
Thanks for any help.
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
requestedUser.Name,
DateTime.Now,
DateTime.Now.AddYears(1),
true,
string.Format("{0};{1};{2}", requestedUser.IDUser.ToString(), requestedUser.IsAdmin.ToString(), profilePicture));
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
cookie.Expires = keepLogged == "keepLogged" ? DateTime.Now.AddYears(1) : DateTime.Now.AddHours(1);
this.Response.Cookies.Add(cookie);
return RedirectToAction("Index", "Posts");
source to share
You need to set the machine key in your web.config file like this:
<machineKey validationKey="4B79DF965DC586D2B267BDECB4580D40EE6811EE171AC65D929BECD8865C09ED8681B92F2177FE9F72B8E822B26914C79C1FF590CCEE65469CBC6FACD7D9F203" decryptionKey="CF39BCCD33BC38D17A704DFEB85AD9C5F265669FCD6AB54C" validation="SHA1" />
You can use this http://aspnetresources.com/tools/machineKey tool, but you have to paste it into web.config.
Every time the application pool is restarted, the application is restarted and if it is not set in web.config a new machine key is automatically generated. The FormsAuthentication cookie is hashed with this machine key and every time it changes the cookie becomes invalid
source to share