Today I am here to explain cookies in ASP.Net. You have seen “Remember Me” in every login portal or website. I will tell you how it works in this demo.

Cookies
It is a small text file stored in a client local machine or in the memory of a client browser session. It is used to state management. We can store a small piece of information in this file. It stores information in a plain text file.

How It Works

When the client sends a request to the server then the server sends response cookies with a session Id. If the cookies are saved the first time then the cookies are used for subsequent requests.

I am giving you a small demonstration. In this demonstration I will show you how to use use cookies and what “Remember Me” is.

When the user logs in with “Remember Me” selected then cookies play an important role. If Remember Me is selected then cookies will be created with the userid and an encrypted word. Cookies are easily readable for every user in the local machine. That’s why I use md5 to encryt my word for cookies.

Check cookies on Page_Load:
    HttpCookie _objCookie = Request.Cookies["Test"]; 
     
            if (_objCookie != null) 
            { 
                bool bCheck = IsValidAuthCookie(_objCookie, "encrypt"); 
                if (bCheck) 
                { 
                    Response.Redirect("WelcomePage.aspx?User=" + Convert.ToString(_objCookie.Value.ToString().Split('|')[0]) + ""); 
                } 
            } 


I check cookies on the login page load every time. If cookies exist then I redirect the welcome.aspx directly.
LoginButton_Click
    bool IsLogin = IsValidLogin(txtUserId.Text.Trim(), txtword.Text.Trim());   
    if (IsLogin)   
    {   
        if (chkRememberMe.Checked)   
        {   
            CreateAuthCookie(txtUserId.Text.Trim(), txtword.Text.Trim(), "encrypt");   
         }   
         Response.Redirect("WelcomePage.aspx?User=" + txtUserId.Text.Trim() + "");   
    }


If “Remember me” is checked then I create cookies with User Id and encrypted word.
Suppose you login with “Remember me” checked and close the application without LogOut. Now when you open again your login page it will redirect you to the welcome.aspx page automatically. And if you logout the application then your cookies will be removed. You will see this scenario on Gmail.com, Facebook.com and so on.

Create Hash word with Md5 encryption as in the following:
    public string CreateHash(string word, string salt) 
    { 
        // Get a byte array containing the combined word + salt. 
        string authDetails = word + salt; 
        byte[] authBytes = System.Text.Encoding.ASCII.GetBytes(authDetails); 
     
        // Use MD5 to compute the hash of the byte array, and return the hash as 
        // a Base64-encoded string. 
        var md5 = new System.Security.Cryptography.MD5CryptoServiceProvider(); 
        byte[] hashedBytes = md5.ComputeHash(authBytes); 
        string hash = Convert.ToBase64String(hashedBytes); 
     
        return hash; 
    }
 

Advantages
Cookies do not require any server resources since they are stored on the client.
Cookies are easy to implement.

Disadvantages
Cookies can be disabled on user browsers
Cookies are transmitted for each HTTP request/response causing overhead on bandwidth
No security for sensitive data.

HostForLIFE.eu ASP.NET Core 2.2.1 Hosting
European best, cheap and reliable ASP.NET hosting with instant activation. HostForLIFE.eu is #1 Recommended Windows and ASP.NET hosting in European Continent. With 99.99% Uptime Guaranteed of Relibility, Stability and Performace. HostForLIFE.eu security team is constantly monitoring the entire network for unusual behaviour. We deliver hosting solution including Shared hosting, Cloud hosting, Reseller hosting, Dedicated Servers, and IT as Service for companies of all size.