
I am creating a login page in MVC and trying to implement a "Remember me" option on it. I added the code for remembering the user, but it is not working properly.

I have added code that uses Response.Cookies in the login controller, but it is not working.

Where do I need to read the value back with Request.Cookies in this code?

Login Model

/// <summary>
/// View model bound to the login form.
/// </summary>
public class Login
{
    /// <summary>E-mail address entered in the form's text box.</summary>
    public string EmailID { get; set; }

    /// <summary>Password entered in the form's password box.</summary>
    public string Password { get; set; }

    /// <summary>State of the form's "remember me" checkbox.</summary>
    public bool RememberMe { get; set; }
}

Login controller

 /// <summary>
 /// Serves the login page without a model, so the form starts out empty.
 /// </summary>
 /// <returns>The default view for this action.</returns>
 public ActionResult Login()
 {
     var loginPage = View();
     return loginPage;
 }



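 /// <summary>
 /// Handles the posted login form: looks the user up, issues the forms-authentication
 /// cookie and, when "remember me" is ticked, stores the e-mail address in a cookie.
 /// </summary>
 /// <param name="loginDetails">Values bound from the login form.</param>
 /// <returns>A redirect to Home/Index on success; otherwise the login view again.</returns>
 // NOTE(review): ValidateInput(false) switches request validation off for every field of
 // this action. If it is only here so that passwords may contain characters such as '<',
 // [AllowHtml] on Login.Password is the narrower switch.
 // NOTE(review): this POST does not check an anti-forgery token. Adding
 // [ValidateAntiForgeryToken] also requires @Html.AntiForgeryToken() inside the form.
 [HttpPost, ValidateInput(false)]
 public ActionResult Login(Login loginDetails)
 {
     if (!ModelState.IsValid)
     {
         return View(loginDetails);
     }

     using (SYTEntities context = new SYTEntities())
     {
         // NOTE(review): the submitted password is compared directly with tblUsers.Password,
         // which suggests that column holds the password itself. Store a salted, slow hash
         // (for example PBKDF2 via Rfc2898DeriveBytes) and verify against that instead.
         var LoginUser = context.tblUsers.Where(a => a.EmailID == loginDetails.EmailID && a.Password == loginDetails.Password).FirstOrDefault();
         if (LoginUser == null)
         {
             ModelState.AddModelError("", "Login data is incorrect!");
             return View(loginDetails);
         }

         // The second argument makes the authentication cookie persistent, which is what
         // actually keeps the user signed in across browser restarts.
         FormsAuthentication.SetAuthCookie(loginDetails.EmailID, loginDetails.RememberMe);
         Session["EmailID"] = LoginUser.EmailID;
         Session["UserID"] = LoginUser.UserID;

         if (loginDetails.RememberMe)
         {
             // Convenience cookie for pre-filling the form. It only has an effect if the GET
             // action reads Request.Cookies["EmailID"]. The client can edit it freely, so it
             // must never be treated as proof of identity.
             HttpCookie email = new HttpCookie("EmailID");
             email.Value = LoginUser.EmailID;
             email.Expires = DateTime.Now.AddSeconds(3600);
             email.HttpOnly = true;                      // only server code reads it back
             email.Secure = Request.IsSecureConnection;  // not sent over plain HTTP when set during an HTTPS login
             Response.Cookies.Add(email);
         }

         return RedirectToAction("Index", "Home");
     }
 }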

Login.cshtml

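 @using (Html.BeginForm())
    {
        @* Emits the hidden anti-forgery field. It is enforced only once the POST action carries [ValidateAntiForgeryToken]. *@
        @Html.AntiForgeryToken()
        @* No trailing ';' here: after a Razor expression it would be rendered into the page as text. *@
        @Html.ValidationSummary(true, "Login failed. Check your login details.")
        <div style=" margin-bottom: 400px;">
            <fieldset>
                <legend>Login</legend>

                <div class="editor-label">
                    @Html.LabelFor(u => u.EmailID)
                </div>
                <div class="editor-field">
                    @Html.TextBoxFor(u => u.EmailID)
                    @Html.ValidationMessageFor(u => u.EmailID)
                </div>
                <div class="editor-label">
                    @Html.LabelFor(u => u.Password)
                </div>
                <div class="editor-field">
                    @Html.PasswordFor(u => u.Password)
                    @Html.ValidationMessageFor(u => u.Password)
                </div>
                <div class="editor-label">
                    @Html.CheckBoxFor(u => u.RememberMe)
                    @Html.LabelFor(u => u.RememberMe)
                </div>
                <input type="submit" value="Log In" />
                @Html.ActionLink("Forgot Password ?", "LostPassword", "CU", null)
            </fieldset>
        </div>
    }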

Can anyone tell me how to do this?

Nisha
    Possible duplicate of [Implementing "Remember Me" Feature in ASP.NET MVC](http://stackoverflow.com/questions/5619791/implementing-remember-me-feature-in-asp-net-mvc) – kayess Nov 23 '15 at 11:14
    It seems you are storing the credentials inside the cookie without encryption. In no time someone can edit that cookie and log in as a different user, even with encryption. It does not seem to be the best way of handling it. – John Sarties Aug 06 '17 at 18:37

1 Answer


I found the answer to my question, so I am sharing it here.

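/// <summary>
/// Shows the login form, pre-filling the e-mail address from the "Login" cookie when the
/// browser sends one.
/// </summary>
/// <returns>The login view bound to the pre-filled model.</returns>
public ActionResult Login() {
    // NOTE(review): Email is not defined in this snippet; presumably a member of the controller.
    Login model = new Login() { EmailID = Email };
    HttpCookie remembered = Request.Cookies["Login"];
    if (remembered != null) {
        // Only the e-mail address is restored. A password must never travel in a cookie:
        // anyone with access to the browser profile or the traffic could read it. Staying
        // signed in is the job of the persistent forms-authentication cookie.
        model.EmailID = remembered.Values["EmailID"];
    }
    return View(model);
}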
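/// <summary>
/// Handles the posted login form: looks the user up, issues the forms-authentication
/// cookie and, when "remember me" is ticked, remembers the e-mail address in a cookie.
/// </summary>
/// <param name="loginDetails">Values bound from the login form.</param>
/// <returns>A redirect to Home/Index on success; otherwise the login view again.</returns>
// NOTE(review): ValidateInput(false) switches request validation off for every field of this
// action; [AllowHtml] on Login.Password is the narrower switch if only the password needs it.
// NOTE(review): this POST does not check an anti-forgery token. Adding
// [ValidateAntiForgeryToken] also requires @Html.AntiForgeryToken() inside the form.
[HttpPost, ValidateInput(false)]
public ActionResult Login(Login loginDetails) {
    if (!ModelState.IsValid) {
        return View(loginDetails);
    }

    using (SYTEntities context = new SYTEntities()) {
        // NOTE(review): the submitted password is compared directly with tblUsers.Password,
        // which suggests that column holds the password itself. Store a salted, slow hash
        // (for example PBKDF2 via Rfc2898DeriveBytes) and verify against that instead.
        var LoginUser = context.tblUsers.Where(a => a.EmailID == loginDetails.EmailID && a.Password == loginDetails.Password).FirstOrDefault();
        if (LoginUser == null) {
            ModelState.AddModelError("", "Login data is incorrect!");
            return View(loginDetails);
        }

        // The second argument makes the authentication cookie persistent, which is what
        // actually keeps the user signed in across browser restarts.
        FormsAuthentication.SetAuthCookie(loginDetails.EmailID, loginDetails.RememberMe);
        Session["EmailID"] = LoginUser.EmailID;
        Session["UserID"] = LoginUser.UserID;

        if (loginDetails.RememberMe) {
            // Remember the e-mail address only. The password is deliberately not written to
            // the cookie: it would sit in clear text on the client for the cookie's lifetime.
            // The client can edit this cookie, so treat it as a form pre-fill hint and never
            // as proof of identity.
            HttpCookie cookie = new HttpCookie("Login");
            cookie.Values.Add("EmailID", LoginUser.EmailID);
            cookie.Expires = DateTime.Now.AddDays(15);
            cookie.HttpOnly = true;                      // only server code reads it back
            cookie.Secure = Request.IsSecureConnection;  // not sent over plain HTTP when set during an HTTPS login
            Response.Cookies.Add(cookie);
        }

        return RedirectToAction("Index", "Home");
    }
}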
Nisha
    This is insecure. The user name and password are stored as plain text in the cookies. – Hatim Nov 04 '17 at 19:17