“AddCookie” service is used to add a cookie to store any value. Cookies are small files which are stored on the user’s computer for a certain number of days. We have the ability to determine how long they are stored before they expire when creating them. The users have the ability to view the cookies stored on their computer for the various sites they visit and view the data, so it is important to encrypt the values you save to cookies.
Cookies have a name, which is used to identify them, and a value. The name must be unique for the site. If it is not unique, using the AddCookie service will just override the existing cookie of the same name.
Cookies can be useful when you want to save a variable and not have it wiped when the user’s Internet Information Services (IIS) session ends on the session timeout or when closing the browser, like with Session Variables.
AddCookie Use Examples
Basic AddCookie Use
In this process we are adding UserId as a cookie.
The service “AddCookie” takes in Name, Value, and ExpirationInDays as inputs.
Name is the name of the cookie that we would like to add. This should be descriptive and pertain to your specific use because it must be distinct. No two cookies for the same site can share the same name.
Value is the value of the cookie we would like to add. This should always be encrypted because the user is able to go into browser settings and view all cookies stored on their computer. Encrypting the value follows good development practices and helps keep our data secure even when it is on the user’s computer. ExpireInDays is the expiration of cookie in terms of days. This is used to set the cookie’s expiration date which is also viewable by the user from the browser. After the date has passed, we are no longer able to access this data.
Note: The default value for expiration is 30 days.
In the output logs we, we can see the name and value of the cookie that we just added.
Update Existing Cookie
To update an existing cookie we can override the existing value. We can run the same “AddCookie” service with same name and the updated value.
Here we are using the same name for cookie, “UserId”, and passing a different value, “1234” to update an existing cookie. This will override the old “UserId” cookie with the new one. When you update a cookie, it creates it again so this resets the expiration date to the time limit you set when you re-create it. The expiration date for this cookie is again set to 30 days from now.
Using AddCookie for the Remember Me Feature on Login
In this example, we are saving a UserId and password to a cookie. This is used in the login process when the user clicks “Remember Me”. Upon successfully logging in, we first encrypt the UserId and the password, then save them to a cookie.
Here is what those AddCookie services look like:
Notice that we set the ExpireInDays value to 30. This means those cookies will expire from the user’s computer after 30 days and will no longer be saved for us to access.
Here are the logs for that service:
Here is what those cookies look like on a browser:
If we expand one, we can see the Name, Value, and ExpireInDays that we set in the service
The reason we wanted this to be saved in a cookie is because now when the user returns to our site in 2 weeks, the cookie will still be saved and can be auto filled into the UserId and Password text boxes when arriving on the login page.
When the page loads, we look for the cookie EPUser and EPPassword. If they are found, we set them on the page. This allows the user to sign in easily by clicking the “LOGIN” button without having the enter the information.