how to generate a unique token which expires after 24 hours?

by

There are two possible approaches; either you create a unique value and store somewhere along with the creation time, for example in a database, or you put the creation time inside the token so that you can decode it later and see when it was created.

To create a unique token:

string token = Convert.ToBase64String(Guid.NewGuid().ToByteArray());

Basic example of creating a unique token containing a time stamp:

byte[] time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary());
byte[] key = Guid.NewGuid().ToByteArray();
string token = Convert.ToBase64String(time.Concat(key).ToArray());

To decode the token to get the creation time:

byte[] data = Convert.FromBase64String(token);
DateTime when = DateTime.FromBinary(BitConverter.ToInt64(data, 0));
if (when < DateTime.UtcNow.AddHours(-24)) {
  // too old
}

Note: If you need the token with the time stamp to be secure, you need to encrypt it. Otherwise a user could figure out what it contains and create a false token.

More Related Contents:

  1. POSTing JsonObject With HttpClient From Web API
  2. Understanding WCF Windows Authentication
  3. The breakpoint will not currently be hit. No symbols have been loaded for this document in a Silverlight application
  4. Pattern for calling WCF service using async/await
  5. Make ASP.NET WCF convert dictionary to JSON, omitting “Key” & “Value” tags
  6. Queuing in OneWay WCF Messages using Windows Service and SQL Server
  7. .NET Core Identity Server 4 Authentication VS Identity Authentication
  8. Custom Authentication in ASP.Net-Core
  9. How do I log a user out when they close their browser or tab in ASP.NET MVC?
  10. Can we create custom HTTP Status codes?
  11. ASP.NET 5 add WCF service reference
  12. How to add cross domain support to WCF service
  13. How to natively enable JSONP for existing WCF service?
  14. How can I pass a username/password in the header to a SOAP WCF Service
  15. Simple JWT authentication in ASP.NET Core 1.0 Web API
  16. The HTTP request is unauthorized with client authentication scheme ‘Negotiate’. The authentication header received from the server was ‘NTLM’
  17. Authentication Service using WCF
  18. ASP.NET Core Web API Authentication
  19. Built-in helper to parse User.Identity.Name into Domain\Username
  20. WCF Service or Web API [closed]
  21. Web Service without adding a reference?
  22. Dynamically switch WCF Web Service Reference URL path through config file
  23. AuthenticateRequest event
  24. Finding the variable name passed to a function
  25. The name ‘controlname’ does not exist in the current context
  26. Sharing sessions across applications using the ASP.NET Session State Service
  27. creating WCF ChannelFactory
  28. The instance of entity type cannot be tracked because another instance of this type with the same key is already being tracked
  29. onchange event for html.dropdownlist
  30. How do I inject ASP.NET 5 (vNext) user-secrets into my own utility class?

Leave a Comment