search

synercoder / FormsAuthentication

Enable ASP.NET Core 2 cookies to read old ASP.NET Forms Authentication cookies
MIT License
74 stars 25 forks source link

Exception handling #2

Closed mderriey closed 6 years ago

mderriey commented 6 years ago

Hi there :wave:

First, I want to thank you for this great piece of code. I've come across it and it works like a charm!

Now, one issue that I've encountered is that when the value of a cookie can't be decrypted, it throws a CryptographicException that is not handled and bubbles up the stack, which crashes the request.

Would you be open to catching exceptions in FormsAuthenticationDataFormat<TData>.Unprotect and return default(TData) on exceptions like it's done in the SecureDataFormat<TData> in ASP.NET Core?

If so, we could also augment the FormsAuthenticationOptions with a property that specifies what to do with the exceptions, like logging, etc...

Let me know what you think, I'll be happy to open a PR if you give me the green light. Cheers!

synercoder commented 6 years ago

Green light! Sounds like a good plan. I am open for pull requests.