perlwhite
asked on
Need application to remember the verification code
Hello,
My application sends a verification code to user after he logs in. I need my application to remember this code for 30 days. I cannot use session variables for remembering the verification code since I need the application to timeout after 30 min. Is there any other way for my application to remember the verification code for 30days and reset it after 30 days?
Thanks
My application sends a verification code to user after he logs in. I need my application to remember this code for 30 days. I cannot use session variables for remembering the verification code since I need the application to timeout after 30 min. Is there any other way for my application to remember the verification code for 30days and reset it after 30 days?
Thanks
The only way I can see you doing this is by storing it in the database with a timestamp and probably a userid and then have a sql job that runs daily and deletes any verification codes that have expired that day or the day before.
You could store it in the registry along with a timestamp. Then when your app starts you read them and check them for validity.
Using the registry for an ASP.net app to store user information is not recommended as the information will be stored on the server not the client machine.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
@kaufmed
Good point although that does depend on the users browsers not being locked down to prevent cookies, which is the problem I've had in the past so it depends on the environment but cookies would be the less hassle approach.
Good point although that does depend on the users browsers not being locked down to prevent cookies, which is the problem I've had in the past so it depends on the environment but cookies would be the less hassle approach.
As the question is also in the C# area (as well as ASP.net) and refers to an app it isn't clear where the app is running. If on the client machine then the registry is suitable.
@AndyAinscow
But the question does refer to session variables which suggests an ASP.net application
But the question does refer to session variables which suggests an ASP.net application
ASKER
Thanks all for replying. My application will run on client machines. I like taking the cookies approach since it is faster to develop. However, how would I check if they are 30 days old or not. I remember somewhere reading something like cookies.addvalues(x) to clear out the cookies after x minutes but cannot find it anymore!
That also means that I have to remember login name in cookies. Please correct me if I am wrong,
That also means that I have to remember login name in cookies. Please correct me if I am wrong,
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
@jacko72 - have you never encountered a question where a technical term is being used mistakenly or incorrectly? I have, numbers of times. Also see the most recent comment made by the asker of this question:
>>My application will run on client machines
In that case you can use the registry to store information. As previously mentioned cookies might be disabled. The registry will always be available, it is independent of the browser settings. The logic would be the same as if you went for a cookie approach. The code is trivial.
>>My application will run on client machines
In that case you can use the registry to store information. As previously mentioned cookies might be disabled. The registry will always be available, it is independent of the browser settings. The logic would be the same as if you went for a cookie approach. The code is trivial.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.