Fixed auth ticket not having a long timeout. Changed to be a 1 year timeout for logins.

5 years ago · 66994dde8a
3 changed files with 19 additions and 4 deletions
--- a/Teknik/Areas/User/Utility/UserHelper.cs
+++ b/Teknik/Areas/User/Utility/UserHelper.cs
@ -978,11 +978,27 @@ If you recieved this email and you did not reset your password, you can ignore t
				@@ -978,11 +978,27 @@ If you recieved this email and you did not reset your password, you can ignore t

        public static HttpCookie CreateAuthCookie(string username, bool remember, string domain, bool local)
        {
+            DateTime curTime = DateTime.Now;
+            DateTime expireTime = curTime.AddYears(1);
+
            Config config = Config.Load();
-            HttpCookie authcookie = FormsAuthentication.GetAuthCookie(username, remember);
-            authcookie.Name = Constants.AUTHCOOKIE;
+            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
+                1, 
+                username, 
+                curTime,
+                expireTime,
+                remember,
+                username
+            );
+
+            string encTicket = FormsAuthentication.Encrypt(ticket);
+            HttpCookie authcookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
            authcookie.HttpOnly = true;
            authcookie.Secure = true;
+            if (remember)
+            {
+                authcookie.Expires = expireTime;
+            }

            // Set domain dependent on where it's being ran from
            if (local) // localhost
--- a/Teknik/Web.config
+++ b/Teknik/Web.config
@ -40,7 +40,7 @@
				@@ -40,7 +40,7 @@
      <forms domain=".teknik.io" protection="All" enableCrossAppRedirects="true" name="TeknikAuth" />
    </authentication>
    <compilation debug="true" targetFramework="4.6.2" />
-    <httpRuntime targetFramework="4.5.2" maxRequestLength="1048576" executionTimeout="3600" relaxedUrlToFileSystemMapping="true" />
+    <httpRuntime targetFramework="4.6.2" maxRequestLength="1048576" executionTimeout="3600" relaxedUrlToFileSystemMapping="true" />
    <pages buffer="true" enableViewState="false" />
  </system.web>
  <system.webServer>
--- a/Utilities/Utilities/Constants.cs
+++ b/Utilities/Utilities/Constants.cs
@ -3,7 +3,6 @@
				@@ -3,7 +3,6 @@
    public static class Constants
    {
        public const string SERVERUSER = "Server Admin";
-        public const string AUTHCOOKIE = "TeknikAuth";
        public const string TRUSTEDDEVICECOOKIE = "TeknikTrustedDevice";
        public const string LOGO_PATH = "~/Images/logo-black.svg";
        public const string FAVICON_PATH = "~/Images/favicon.ico";