Session timeout - how to make “remember me” properly?

Question

The code (in global.asax):

void Session_Start(object sender, EventArgs e)
{
    // remember me
    HttpCookie rememberCookie = HttpContext.Current.Request.Cookies["remember"];
    if (rememberCookie != null)
    {
        if (rememberCookie.Value == "true")
            HttpContext.Current.Session.Timeout = 464800;
        else
            HttpContext.Current.Session.Timeout = 70;
    }
    else
        HttpContext.Current.Session.Timeout = 60;
}

Basicly, i want to make "remember me" using session and cookie. This is the code, when login in the home.aspx.cs

public void _loginFrmSubmit(object sender, EventArgs e)
{
    Session["User"] = home_username.Text;
    HttpCookie rememberCookie;
    //rememberCookie.HttpOnly = true;
    if (remember.Checked)
    {
        rememberCookie = new HttpCookie("remember", "true");
        rememberCookie.Expires = DateTime.Now.AddMonths(12);
    }
    else
    {
        rememberCookie = new HttpCookie("remember", "false");
        rememberCookie.Expires = DateTime.Now.AddDays(1);
    }
    HttpContext.Current.Response.Cookies.Add(rememberCookie);
    Response.Redirect(Request.RawUrl);
}

The code working fine when first fired. But after I log out:

public void _Quit(object sender, EventArgs e)
{
    HttpCookie rememberCookie = new HttpCookie("remember");
    rememberCookie.Expires = DateTime.Now.AddDays(-1);
    Response.Cookies.Add(rememberCookie);
    Session.Clear();
    Response.Redirect(Request.RawUrl);
}

And I login again. The session.timeout is not changing. It get stuck with the first timeout set. Please help me make that everytime i logout, and login, the session timeout changes.

Answer 1

Ok, this was pretty stupid of me to do all that stuff, because i didn't have to add any cookies and work with session start at all. All i have to do is to set the session timeout in the aspx.cs (login submit) itself.

public void _loginFrmSubmit(object sender, EventArgs e)
{
            Session["User"] = home_username.Text;
            if (remember.Checked)
                Session.Timeout = 464800;
            else
                Session.Timeout = 120;
            Response.Redirect(Request.RawUrl);
            Response.Redirect(Request.RawUrl);
}

I just didn't know i can do that, because it didn't worked for me the last time i remember i tried it. It is strange that there is no examples and tutorials of using sessions like that. I didn't found anything, any form in the internet that would show an example of using sessions with 'remember me' option. I don't know why no one answered my question, it is that simple.