C
C#4w ago
Yarden

✅ Hello :) How do I suppose to create a post method to clean my cookie?

I have a post method which "log out" the user. I have another method which log in the user and sends a cookie to the frontend. Now, I want to use the log out in order to clean the cookie, this is the method: 
 [HttpPost("logout")]
 public async Task<ActionResult> Logout()
 {
     await HttpContext.SignOutAsync("auth-cookie");
     return Ok("User logged out");
 }
 [HttpPost("logout")]
 public async Task<ActionResult> Logout()
 {
     await HttpContext.SignOutAsync("auth-cookie");
     return Ok("User logged out");
 }
The "auth-cookie" is the name of the cookie I initialized inside the Program.cs file: 
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(options =>
    {
        options.Cookie.Name = "auth-cookie"; 
        options.Cookie.HttpOnly = true;
        options.Cookie.SameSite = SameSiteMode.Lax;
        options.Cookie.SecurePolicy = CookieSecurePolicy.None;  //During development, the app runs over HTTP and not HTTPS so chrome blocks it. By placing "None" instead of "Always", chrome lets the http call to pass to the frontend.
        options.SlidingExpiration = true;
        options.ExpireTimeSpan = TimeSpan.FromHours(24);
        //options.Cookie.IsEssential = true;
    });
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(options =>
    {
        options.Cookie.Name = "auth-cookie"; 
        options.Cookie.HttpOnly = true;
        options.Cookie.SameSite = SameSiteMode.Lax;
        options.Cookie.SecurePolicy = CookieSecurePolicy.None;  //During development, the app runs over HTTP and not HTTPS so chrome blocks it. By placing "None" instead of "Always", chrome lets the http call to pass to the frontend.
        options.SlidingExpiration = true;
        options.ExpireTimeSpan = TimeSpan.FromHours(24);
        //options.Cookie.IsEssential = true;
    });
But I suppose this is not how you call it? How to make it works? Thank you!
1 Reply
Yarden
YardenOP4w ago
@gerard Hey I don't know why, I never get notifications here, and I checked this convo like 3 times during the last 2 hours but didn't see any reply, it's unbelievable. Thank you for the answer 🙏 Will try to do this 
const loginAttempt = {
      UserName: userName,
      Password: password 
    }

    try{
      setSubmitting(true);

      /* Remark: "headers: { "Content-Type": "application/json" }"  is not necessary, is tells the backend (ASP.NET) to respond with json respond, which anyway happens in default with ASP.NET*/
      const res = await axios.post("/api/auth/login", loginAttempt, { headers: { "Content-Type": "application/json" }, withCredentials: true }); //send the credentials to the backend

      if(res?.status === 200 || res?.status === 201){
        console.log("auth-login method worked");
        //Goes to AuthProvider and applies also the GET request which will insert the new data for the fresh connected user.
const loginAttempt = {
      UserName: userName,
      Password: password 
    }

    try{
      setSubmitting(true);

      /* Remark: "headers: { "Content-Type": "application/json" }"  is not necessary, is tells the backend (ASP.NET) to respond with json respond, which anyway happens in default with ASP.NET*/
      const res = await axios.post("/api/auth/login", loginAttempt, { headers: { "Content-Type": "application/json" }, withCredentials: true }); //send the credentials to the backend

      if(res?.status === 200 || res?.status === 201){
        console.log("auth-login method worked");
        //Goes to AuthProvider and applies also the GET request which will insert the new data for the fresh connected user.
So here, I have loginAttempt which stores the data about the guy we logged in, I need somehow to pass this? I need somhow to make the loginAttempt a global variable and then to be able to pass it inside the Login and the Logout

Did you find this page helpful?