how to avoid Session Fixation in dotnet core mvc applicationbelow code i updating in user Loginstring guid GuidNewGuidToString HttpContextSessionSetInt3234UserId34 userDataIdResponseCookiesAppend34AuthToken34 guid cookieOptionsbut Its not workingKindly suggest

venkatg

Avoid Session fixation in ASP.Net Core MVC

CLOSED
User: venkatg
Posted: on Jan 24, 2022 04:33 AM
Forum: ASP.Net Core MVC
Answer: 0
Views: 2000

how to avoid Session Fixation in dot.net core mvc application.

below code i updating in user Login.

string guid = Guid.NewGuid().ToString();           
HttpContext.Session.SetInt32("UserId", userData.Id);
Response.Cookies.Append("AuthToken", guid, cookieOptions);

but Its not working.

Kindly suggest.

Download FREE API for Word, Excel and PDF in ASP.Net

dharmendr

0 1

ANSWER
User: dharmendr
Replied: on Jan 24, 2022 04:38 AM
Modified: on Jan 24, 2022 04:38 AM
Report

Hi venkatg,

Refer below code.

HttpContext.Session.SetInt32("UserId", userData.Id);
CookieOptions cookieOptions = new CookieOptions();
//Set the Expiry date of the Cookie.
cookieOptions.Expires = DateTime.Now.AddDays(30);
//Create a Cookie with a suitable Key and add the Cookie to Browser.
Response.Cookies.Append("AuthToken", Guid.NewGuid().ToString(), cookieOptions);

For more details refer below article.

venkatg

0 2

ANSWER
User: venkatg
Replied: on Jan 24, 2022 04:57 AM
Report

Hi Dharmendar ,

Your code is working but the Session Fixation issue still replicating on the dot net core application , can i have solution for the particular

dharmendr

0 3

ANSWER
User: dharmendr
Replied: on Jan 24, 2022 06:14 AM
Report

Refer below link.

https://www.codeproject.com/Articles/1259066/10-Points-to-Secure-Your-ASP-NET-Core-MVC-Applic-2

I agree, here is the link: https://www.e-iceblue.com/Introduce/spire-office-for-net-free.html

Avoid Session fixation in ASP.Net Core MVC

ASP.Net Core Cookies: Read, Write (Save) and Remove (Delete) Cookies in ASP.Net Core MVC

Company

Explore

Follow us

Contact Us