Back to: ASP.NET Core Tutorials For Beginners and Professionals
Persistent vs Non-Persistent Cookies in ASP.NET Core MVC
In this article, I will discuss the Differences Between Persistent and Non-Persistent Cookies in ASP.NET Core MVC Applications. Please read our previous article discussing How to Encrypt Cookies in ASP.NET Core MVC.
What are Persistent Cookies in ASP.NET Core MVC?
Persistent cookies, also known as permanent or stored cookies, remain stored on the client’s machine for a specified duration, even after closing the browser. They persist across browser sessions unless explicitly deleted by the user or expired based on the set expiration time. These cookies are useful for remembering user preferences or login statuses across sessions.
Suppose you have a web application where users prefer to stay logged in for a longer period without re-entering their credentials every time they visit the site. In this case, a persistent cookie can store their authentication token.
What are Non-Persistent Cookies in ASP.NET Core MVC?
Non-persistent cookies, also known as session cookies, are temporary cookies stored only for the duration of the user’s session. They are deleted automatically when the user closes the browser. Unlike persistent cookies, which have a specific expiration date and remain stored on the client’s device between sessions, non-persistent cookies exist only for the user’s browsing session.
Consider an online banking application where security is paramount. Non-persistent cookies store temporary data, such as session identifiers, and ensure that users are logged out when they close their browsers.
How to Implement Persistent vs Non-Persistent Cookies in ASP.NET Core MVC:
In ASP.NET Core MVC, cookies can be implemented using the Response.Cookies API to set cookies and Request.Cookies to read cookies.
Persistent Cookies:
Persistent Cookies are Implemented in ASP.NET Core MVC Application by setting the Expires property in the CookieOptions object as follows.
var cookieOptions = new CookieOptions
{
Expires = DateTime.Now.AddDays(30), // Expires in 30 days
IsEssential = true, // Necessary for the application to function
HttpOnly = true, // Accessible only by the server
Secure = true // Only sent over HTTPS
};
Response.Cookies.Append("PersistentCookie", "CookieValue", cookieOptions);
Non-Persistent Cookies:
The Non-Persistent Cookies are Implemented in ASP.NET Core MVC Application without specifying the Expires property in the CookieOptions object as follows.
var cookieOptions = new CookieOptions
{
IsEssential = true, // Necessary for the application to function
HttpOnly = true, // Accessible only by the server
Secure = true // Only sent over HTTPS
};
Response.Cookies.Append("PersistentCookie", "CookieValue", cookieOptions);Differences Between Persistent vs Non-Persistent Cookies in ASP.NET Core MVC
In ASP.NET Core MVC, the primary difference between persistent and non-persistent cookies is their lifespan and how they are managed within a user’s session.
- Storage Duration: Persistent cookies persist beyond the current session; non-persistent cookies are deleted when the browser session ends.
- Purpose: Persistent cookies are used for long-term storage of user preferences, login details, etc., while Non-Persistent cookies are used for temporary data like session identifiers.
- Expiration Handling: Persistent cookies have a specified expiration date/time; non-persistent cookies are deleted automatically when the browser session ends.
When Should We Use Persistent Cookies in ASP.NET Core MVC?
Use persistent cookies when you want to remember user preferences or login sessions across multiple visits. The following are some of the use cases of Persistent Cookies:
- Remember Me Feature: When users log in to a website, a “Remember Me” option is offered to keep them logged in for longer. This is convenient for users who frequently return to your site.
- User Preferences: Storing user preferences like Themes, Language Settings, Notifications, etc of your website. Persistent cookies ensure that these preferences are remembered across different sessions.
- Shopping Carts in E-commerce: To remember the items in a user’s shopping cart across different sessions if they haven’t completed the checkout process.
When Should We Use Non-Persistent Cookies in ASP.NET Core MVC?
Use non-persistent cookies to store temporary data that should not persist beyond the current session. The following are some of the use cases of Non-Persistent Cookies:
- Session Management: Storing session identifiers for user authentication. The session ends once the user closes the browser.
- Temporary data storage: Temporary data storage that doesn’t need to persist beyond the current browsing session.
- For example, a banking application can use non-persistent cookies to store session identifiers, enhancing security by ensuring users are logged out when they close their browsers.
In the next article, I will discuss Sessions in ASP.NET Core MVC Applications with Examples. In this article, I try to explain the Differences Between Persistent and Non-Persistent Cookies in ASP.NET Core MVC Application. I hope you enjoy this article on Persistent vs Non-Persistent Cookies in ASP.NET Core MVC Application.
About the Author: Pranaya Rout
Pranaya Rout has published more than 3,000 articles in his 11-year career. Pranaya Rout has very good experience with Microsoft Technologies, Including C#, VB, ASP.NET MVC, ASP.NET Web API, EF, EF Core, ADO.NET, LINQ, SQL Server, MYSQL, Oracle, ASP.NET Core, Cloud Computing, Microservices, Design Patterns and still learning new technologies.
Simply amazing content i really like it.