@@ -978,11 +978,27 @@ If you recieved this email and you did not reset your password, you can ignore t | |||
public static HttpCookie CreateAuthCookie(string username, bool remember, string domain, bool local) | |||
{ | |||
DateTime curTime = DateTime.Now; | |||
DateTime expireTime = curTime.AddYears(1); | |||
Config config = Config.Load(); | |||
HttpCookie authcookie = FormsAuthentication.GetAuthCookie(username, remember); | |||
authcookie.Name = Constants.AUTHCOOKIE; | |||
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket( | |||
1, | |||
username, | |||
curTime, | |||
expireTime, | |||
remember, | |||
username | |||
); | |||
string encTicket = FormsAuthentication.Encrypt(ticket); | |||
HttpCookie authcookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket); | |||
authcookie.HttpOnly = true; | |||
authcookie.Secure = true; | |||
if (remember) | |||
{ | |||
authcookie.Expires = expireTime; | |||
} | |||
// Set domain dependent on where it's being ran from | |||
if (local) // localhost |
@@ -40,7 +40,7 @@ | |||
<forms domain=".teknik.io" protection="All" enableCrossAppRedirects="true" name="TeknikAuth" /> | |||
</authentication> | |||
<compilation debug="true" targetFramework="4.6.2" /> | |||
<httpRuntime targetFramework="4.5.2" maxRequestLength="1048576" executionTimeout="3600" relaxedUrlToFileSystemMapping="true" /> | |||
<httpRuntime targetFramework="4.6.2" maxRequestLength="1048576" executionTimeout="3600" relaxedUrlToFileSystemMapping="true" /> | |||
<pages buffer="true" enableViewState="false" /> | |||
</system.web> | |||
<system.webServer> |
@@ -3,7 +3,6 @@ | |||
public static class Constants | |||
{ | |||
public const string SERVERUSER = "Server Admin"; | |||
public const string AUTHCOOKIE = "TeknikAuth"; | |||
public const string TRUSTEDDEVICECOOKIE = "TeknikTrustedDevice"; | |||
public const string LOGO_PATH = "~/Images/logo-black.svg"; | |||
public const string FAVICON_PATH = "~/Images/favicon.ico"; |