cookie asp.net mvc code example
Example: how to read and write a cookie asp.net
/// <summary>
/// Stores multiple values in a Cookie using a key-value dictionary, creating the cookie (and/or the key) if it doesn't exists yet.
/// </summary>
/// <param name="cookieName">Cookie name</param>
/// <param name="cookieDomain">Cookie domain (or NULL to use default domain value)</param>
/// <param name="keyName">Cookie key name (if the cookie is a keyvalue pair): if NULL or EMPTY, this method will raise an exception since it's required when inserting multiple values.</param>
/// <param name="values">Values to store into the cookie</param>
/// <param name="expirationDate">Expiration Date (set it to NULL to leave default expiration date)</param>
/// <param name="httpOnly">set it to TRUE to enable HttpOnly, FALSE otherwise (default: false)</param>
/// <param name="sameSite">set it to 'None', 'Lax', 'Strict' or '(-1)' to not add it (default: '(-1)').</param>
/// <param name="secure">set it to TRUE to enable Secure (HTTPS only), FALSE otherwise</param>
public static void StoreInCookie(
string cookieName,
string cookieDomain,
Dictionary<string, string> keyValueDictionary,
DateTime? expirationDate,
bool httpOnly = false,
SameSiteMode sameSite = (SameSiteMode)(-1),
bool secure = false)
{
// NOTE: we have to look first in the response, and then in the request.
// This is required when we update multiple keys inside the cookie.
HttpCookie cookie = HttpContext.Current.Response.Cookies.AllKeys.Contains(cookieName)
? HttpContext.Current.Response.Cookies[cookieName]
: HttpContext.Current.Request.Cookies[cookieName];
if (cookie == null) cookie = new HttpCookie(cookieName);
if (keyValueDictionary == null || keyValueDictionary.Count == 0)
cookie.Value = null;
else
foreach (var kvp in keyValueDictionary)
cookie.Values.Set(kvp.Key, kvp.Value);
if (expirationDate.HasValue) cookie.Expires = expirationDate.Value;
if (!String.IsNullOrEmpty(cookieDomain)) cookie.Domain = cookieDomain;
if (httpOnly) cookie.HttpOnly = true;
cookie.Secure = secure;
cookie.SameSite = sameSite;
HttpContext.Current.Response.Cookies.Set(cookie);
}
/// <summary>
/// Retrieves a single value from Request.Cookies
/// </summary>
public static string GetFromCookie(string cookieName, string keyName)
{
HttpCookie cookie = HttpContext.Current.Request.Cookies[cookieName];
if (cookie != null)
{
string val = (!String.IsNullOrEmpty(keyName)) ? cookie[keyName] : cookie.Value;
if (!String.IsNullOrEmpty(val)) return Uri.UnescapeDataString(val);
}
return null;
}
/// <summary>
/// Removes a single value from a cookie or the whole cookie (if keyName is null)
/// </summary>
/// <param name="cookieName">Cookie name to remove (or to remove a KeyValue in)</param>
/// <param name="keyName">the name of the key value to remove. If NULL or EMPTY, the whole cookie will be removed.</param>
/// <param name="domain">cookie domain (required if you need to delete a .domain.it type of cookie)</param>
public static void RemoveCookie(string cookieName, string keyName, string domain)
{
if (HttpContext.Current.Request.Cookies[cookieName] != null)
{
HttpCookie cookie = HttpContext.Current.Request.Cookies[cookieName];
// SameSite.None Cookies won't be accepted by Google Chrome and other modern browsers if they're not secure, which would lead in a "non-deletion" bug.
// in this specific scenario, we need to avoid emitting the SameSite attribute to ensure that the cookie will be deleted.
if (cookie.SameSite == SameSiteMode.None && !cookie.Secure)
cookie.SameSite = (SameSiteMode)(-1);
if (String.IsNullOrEmpty(keyName))
{
cookie.Expires = DateTime.UtcNow.AddYears(-1);
if (!String.IsNullOrEmpty(domain)) cookie.Domain = domain;
HttpContext.Current.Response.Cookies.Add(cookie);
HttpContext.Current.Request.Cookies.Remove(cookieName);
}
else
{
cookie.Values.Remove(keyName);
if (!String.IsNullOrEmpty(domain)) cookie.Domain = domain;
HttpContext.Current.Response.Cookies.Add(cookie);
}
}
}
/// <summary>
/// Checks if a cookie / key exists in the current HttpContext.
/// </summary>
public static bool CookieExist(string cookieName, string keyName)
{
HttpCookieCollection cookies = HttpContext.Current.Request.Cookies;
return (String.IsNullOrEmpty(keyName))
? cookies[cookieName] != null
: cookies[cookieName] != null && cookies[cookieName][keyName] != null;
}