public void SetCookie(string username, bool persistent = false, string[] roles = null, byte[] tag = null, DateTime? explicitExpiry = null)
{
var cookie = new AuthenticationCookie(0, Guid.NewGuid(), persistent, username, roles, tag);
using (var protector = new CookieProtector(_configuration))
{
var httpCookie = new HttpCookie(_configuration.CookieName, protector.Protect(cookie.Serialize()))
{
HttpOnly = true,
Secure = _configuration.RequireSSL,
};
if (!string.IsNullOrEmpty(_configuration.Domain))
{
httpCookie.Domain = _configuration.Domain;
}
if (persistent)
{
DateTime expireDateTime;
if (explicitExpiry.HasValue)
{
expireDateTime = explicitExpiry.Value;
}
else
{
expireDateTime = cookie.IssueDate + _configuration.Timeout;
}
httpCookie.Expires = expireDateTime;
SetExpireTimeTrackingCookie(expireDateTime);
}
_context.Response.Cookies.Add(httpCookie);
}
}