I want to have functionality on my application that lets a user check off that they wish to stay logged indefinitely (arbitrarily setting the cookie expiration at 3 months from NOW).
The code I have for dealing with this is
private static HttpCookie GetFormsAuthenticationCookie(string userNameResponse,
bool persistCookie)
{
var cookie = FormsAuthentication.GetAuthCookie(userNameResponse, persistCookie);
if (persistCookie)
cookie.Expires = DateTime.Now.AddMonths(3);
return cookie;
}
private void LoginUser(string userNameResponse, bool PersistCookie)
{
Response.Cookies.Add(GetFormsAuthenticationCookie(userNameResponse, PersistCookie));
string navigateAfterUrl = FormsAuthentication.GetRedirectUrl(userNameResponse,
PersistCookie);
Response.Redirect(navigateAfterUrl);
}
However at some point later when I return to the site I need to login again. I have verified that the cookie comes back with my expiration date and that it is not set as a session cookie (also tested with closing/reopening browser and cookie still exists). My one thought is that it has something to do with when ASP.NET expires the session.
I have a specific machine key setup in my web.config so shouldn't the same cookie work if IIS gets restarted etc? Does anyone have any suggestions on what could either be causing this or atleast on how to trace this further since I can't think of anything else to do.