Popular Topics

Topics

About

Policies

Our Network

More

HomeBlogs.NET ProgrammingHow to work with cookies in ASP.NET Core
joydip_kanjilal
by Joydip Kanjilal
Contributor

How to work with cookies in ASP.NET Core

how-to
Nov 04, 20195 mins
C#Microsoft .NETSoftware Development

Take advantage of cookies to store and retrieve user-specific information in your ASP.NET Core web application.

thinkstockphotos cookies
Credit: Nastco/Thinkstock

A cookie is a piece of data typically used to store information about the user and is stored on the user’s computer. In most browsers each cookie is stored as a small file, but in Firefox they are stored all together in a single file. Cookies are represented as key-value pairs, and you can take advantage of the keys to read, write, or delete cookies.

ASP.NET Core uses cookies to maintain session state; the cookie that contains the session ID is sent to the client with each request. This article presents a discussion of how we can work with cookies in ASP.NET Core.

To work with the code examples provided in this article, you should have Visual Studio 2019 installed in your system. If you don’t already have a copy, you can download Visual Studio 2019 here.

Create an ASP.NET Core MVC project in Visual Studio

First off, let’s create an ASP.NET Core MVC project in Visual Studio 2019. Assuming Visual Studio 2019 is installed in your system, follow the steps outlined below to create a new ASP.NET Core MVC project in Visual Studio.

  1. Launch the Visual Studio IDE.
  2. Click on “Create new project.”
  3. In the “Create new project” window, select “ASP.NET Core Web Application” from the list of templates displayed.
  4. Click Next.
  5. In the “Configure your new project” window, specify the name and location for the new project.
  6. Optionally, select the “Place solution and project in the same directory” check box.
  7. Click Create.
  8. In the “Create a New ASP.NET Core Web Application” window shown next, select .NET Core as the runtime and ASP.NET Core 2.2 (or later) from the drop-down list at the top.
  9. Select “Web Application (Model-View-Controller)” as the project template to create a new ASP.NET Core MVC application. 
  10. Ensure that the check boxes “Enable Docker Support” and “Configure for HTTPS” are unchecked as we won’t be using those features here.
  11. Ensure that Authentication is set to “No Authentication” as we won’t be using authentication here either.
  12. Click Create. 

You should now have a new ASP.NET Core MVC project ready to go in Visual Studio. We’ll use this project in the subsequent sections of this article.

You can read a cookie from the Request.Cookies collection. The following code snippet illustrates how you can read a cookie from the Request object in ASP.NET Core.

string cookie = Request.Cookies["Key"];

If you would like to specify the expiration time of the cookie, you can use the overloaded version of the Append method as shown in the code snippet given below.

CookieOptions option = new CookieOptions(); 
option.Expires = DateTime.Now.AddMilliseconds(10); 
Response.Cookies.Append(key, value, option); 

The CookieOptions class enables you to specify the following additional properties when creating a cookie:

  • Domain — used to specify the domain associated with a cookie
  • Expiration time — used to specify the expiration time of the cookie
  • Path — used to specify the cookie path
  • Security policy — used to specify if the cookie is accessible over HTTPS
  • HttpOnly — used to specify if the cookie is available only to the server

To write a cookie you can take advantage of the Append method pertaining to the Request object. The following code snippet illustrates how this can be achieved.

Response.Cookies.Append(somekey, somevalue);

To remove a cookie, you can use the Delete method of the Cookies collection pertaining to the Request object. The following code snippet shows how this can be achieved.

Response.Cookies.Delete(somekey);

Access HttpContext in ASP.NET Core

In this section we’ll examine how we can work with cookie data in ASP.NET Core. We’ll need to access the HttpContext to be able to access the Request object. You can access the HttpContext in ASP.NET Core using the IHttpContextAccessor interface. The HttpContextAccessor class implements this interface.

First you should register IHttpContextAccessor for dependency injection. The following code snippet illustrates how you can add a singleton service of type HttpContextAccessor in the ConfigureServices method of the Startup class.

public void ConfigureServices(IServiceCollection services)
        {
            services.AddSingleton<IHttpContextAccessor,
            HttpContextAccessor>();
            //Other code
        }

You can take advantage of dependency injection to get a reference to the IHttpContextAccessor instance. This will in turn provide you a reference to HttpContext.

The following code snippet illustrates how you can access the IHttpContextAccessor instance in the controller. Note that HomeController is created by default when you create a new ASP.NET Core MVC project in Visual Studio.

public class HomeController : Controller
{
  private readonly IHttpContextAccessor _httpContextAccessor;
  public HomeController(IHttpContextAccessor httpContextAccessor)
  {
     this._httpContextAccessor = httpContextAccessor;
  }   
  //Write your action methods here
}

You can use the following method to write cookie data in your controller.

public IActionResult Write(string key, string value, bool isPersistent)
  {
       CookieOptions options = new CookieOptions();
       if (isPersistent)
           options.Expires = DateTime.Now.AddDays(1);
       else
           options.Expires = DateTime.Now.AddSeconds(10);
       _httpContextAccessor.HttpContext.Response.Cookies.Append
       (key, value, options);
       return View("WriteCookie");
  }

Once the cookie data has been written successfully, you can use the following method to read cookie data in your controller.

public IActionResult Read(string key)
  {
       ViewBag.Data =
       _httpContextAccessor.HttpContext.Request.Cookies[key];
       return View("ReadCookie");
  }

To check if a cookie has been written properly, you can inspect the cookie cache of your web browser. In a future post, we’ll examine how we can work with cookie-based authentication and authorization in ASP.NET Core.

joydip_kanjilal
by Joydip Kanjilal
Contributor

Joydip Kanjilal is a Microsoft Most Valuable Professional (MVP) in ASP.NET, as well as a speaker and the author of several books and articles. He received the prestigious MVP award for 2007, 2008, 2009, 2010, 2011, and 2012.

He has more than 20 years of experience in IT, with more than 16 years in Microsoft .Net and related technologies. He has been selected as MSDN Featured Developer of the Fortnight (MSDN) and as Community Credit Winner several times.

He is the author of eight books and more than 500 articles. Many of his articles have been featured at Microsoft’s Official Site on ASP.Net.

He was a speaker at the Spark IT 2010 event and at the Dr. Dobb’s Conference 2014 in Bangalore. He has also worked as a judge for the Jolt Awards at Dr. Dobb's Journal. He is a regular speaker at the SSWUG Virtual Conference, which is held twice each year.

More from this author

Most popular authors

Show me more

analysis

Beyond the usual suspects: 5 fresh data science tools to try today

By Serdar Yegulalp
Jul 12, 20242 mins
PythonProgramming LanguagesSoftware Development
Image
analysis

Generative AI won’t fix cloud migration

By David Linthicum
Jul 12, 20245 mins
Generative AIArtificial IntelligenceCloud Computing
Image
news

HR professionals trust AI recommendations

By Paul Krill
Jul 11, 20243 mins
Technology IndustryCareers
Image
video

How to use dbm to stash data quickly in Python

Jul 04, 20244 mins
Python
Image
video

How to auto-generate Python type hints with Monkeytype

Jun 11, 20245 mins
Python
Image
video

How to make HTML GUIs in Python with NiceGUI

Jun 04, 20245 mins
Python
Image