0

I am using the following code for a custom "remember me" implimentation:

        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, member.UserName, DateTime.Now, DateTime.Now.AddHours(24), true, dataString);
        string encTicket = FormsAuthentication.Encrypt(ticket);
        HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
        faCookie.Expires = ticket.Expiration;
        HttpContext.Current.Response.Cookies.Add(faCookie);

But some users cannot login (Login page appears even after sign in).
It seems the problem is caused by the client having a different (greater) date than the server. So, what is the best and correct solution for a "remember me" implementation.
To solve this problem I must remove this line:

faCookie.Expires = ticket.Expiration;

After removing this line, when user closes the browser, he must sign in (cookie is not persist). What is the solution?

Federico González
  • 450
  • 2
  • 12
Meh Man
  • 463
  • 1
  • 6
  • 22

1 Answers1

0

What you could do is get the clients Date/Time and use that for the Cookie, rather than the server time.

There is a great answer here showing you a good way to do this; basically populate a hidden field with the clients date/time and get it on postback.

You could have this hidden field on your masterpage so the clients date/time is always available. doesn't need to just be on the login screen.

Community
  • 1
  • 1
Darren Wainwright
  • 30,247
  • 21
  • 76
  • 127