Blazor Server Side - Cookie Authentication - check cookie expiration date

Question

I use Cookie Authentication in a Blazor server side application. Is there a way to check whether cookie has expired?

I've tried to get cookie expiration date with HttpContextAccessor but there's only an encrypted value of a cookie.

You shouldn't be using HttpContextAccessor in Server Blazor Apps. See this github's issue: github.com/aspnet/AspNetCore/issues/… — enet

Joseph Sible-Reinstate Monica Joseph Sible-Reinstate Monica · Accepted Answer · 2019-12-26T00:30:24

You shouldn't be checking cookie expiration on the server. A legitimate client will remove the cookie itself when it expires, and a rogue client can lie about the expiration. If you want to expire a login token or something, you need to handle it completely separately from the expiration of the cookie itself for it to be secure.

Blazor Server Side - Cookie Authentication - check cookie expiration date

1 Answers