What is better to use for authorization in asp.net mvc, session or cookie?

A

Artem2014-06-22 11:10:50

ASP.NET

Artem, 2014-06-22 11:10:50

Always interested in this question. Which method is safer or let's say which of the options do you use and why? And yes, are there ready-made libraries for authorization that can be installed via nuget, because there is no desire to implement, for example, this article on Habré about authorization through cookies

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexey Gagarin, 2014-06-22
@Thugmaster

Of course there is :D ASP.NET Identity is the most modern one.
www.asp.net/identity
There is also SimpleMembership. It's full of lessons. In the 12th studio, when creating an MVC4 project in the base template, this system is installed by default. Those. models, controllers are created, EF is configured, as far as I remember.
habrahabr.ru/post/192238
blog.osbornm.com/2010/07/21/using-simplemembership...
ps so it's better not to write bicycles, but to use a ready-made solution. But if you are interested in the answer, then in my opinion - Cookie of course, unless you, of course, want to force the user to log in every N minutes, and also after restarting the browser.
Well, the oldest and heaviest one is ASP.NET MembershipProvider or whatever it is, but normal people don't use it now.