Cookie Consent Module
The Cookie Consent module allows you to register and categorize cookies you use in your application and ask the user for its consent to use those cookies.
How it Works
On the first visit the user is asked for consent via a cookie banner. The user can accept all cookies or select some categories he/she wants to give consent for.
When the user does not give his/her consent for a certain category, cookies, belonging to this category, are not allowed to be set. When the user revokes his/her consent on a later stage, the belonging cookies will automatically be deleted on the next request.
Cookies which have not been registered via the module API or appsettings.json will automatically be deleted (if the option DeleteUnknownCookies is enabled).
Consent Categories
You can categorize cookies into the following four categories.
| Category Id | Description | User consent required |
|---|---|---|
| essential | Cookies which are required for the application to work properly, like session management cookies are considered essential cookies. | no |
| analytics | Cookies that are required for analytics and statistics, like Google Analytics and Matomo | yes |
| marketing | Cookies used for marketing purposes, like Google AdWords or Google AdSense | yes |
| personalisation | Cookies used for personalisation | yes |
Installation
Add the Module to your Project
You can install the Analytics module from NuGet with
dotnet add package Confinity.CookieConsent
In your Startup.cs you can now register the module with the module builder by calling the AddModule method with CookieConsentModule. See Modules documentation for more information.
Cookie Consent Configuration
You can configure the cookie consent in the appsettings.json with the key ConfinityCookieConsent. The following options are configurable.
| Key | Type | Default | Description |
|---|---|---|---|
ConsentCookieName | string | _cfy_cc | The name for the cookie where the users consent information is stored. |
RequireOptIn | bool | true | Whether or not and explicit opt-in is required before saving the first cookie. When set to false, cookies for all categorizes are enabled on the first request. |
Categories | string | "analytics, marketing, personalisation" | A comma-separated list of categories the user can give his consent for. Unused categories will always return false when checking for consent (except for the essentials category). |
DeleteUnknownCookies | bool | true | Defines whether cookies which have not been explicitly registered from a module will be deleted or not. |
ConsentExpirationInDays | int | 365 | Defines after how many days the user consent settings should be revoked. |
Cookies | Dictionary<string, string> | {} | Dictionary with category as key and a comma-separated list of cookie names as value. |
Add the Cookie Banner to your Layouts
In your layout files, invoke the cookie banner component at the bottom of the page by invoking the view component ConfinityCookieConsentBannerinside the body tag.
Example
@await Component.InvokeAsync(typeof(ConfinityCookieConsentBanner))
Configure the Cookie Banner in the Setting App
You can now configure the cookie banner in the settings app in the Admin Panel. You can define the title and description for the banner and add declarations for each cookie category.
How to Register Cookies
Register Cookies in the Host Application
In the host application you can register cookies via the Cookies options in the appsettings.json like documented above. For example:
{
"ConfinityCookieConsent": {
"Cookies": {
"essential": "session",
"analytics": "_ga,_ga_*,matomo*"
}
}
}
Wildcard for cookie name You can use * as a wildcard character to
allow multiple cookies starting with the same characters. For example test* will match the cookies test , test1 and testsomething.
Register Cookies in Modules
You can also register cookies via Confinity module API like so:
public class MyModule : IModuleConfiguration
{
public string ModuleKey { get; } = "my-module";
public void AddModule(IModuleContext module)
{
module.Configure.RegisterCookies(ConsentCategory.Analytics, "_ga", "_ga_*", "matomo*");
}
public void UseModule(IApplicationBuilder app)
{
}
}
Checking for Consent on the Backend
You can inject ICookieConsentService to check if a user has given its consent for a given cookie or a category.
Example
public class MyService
{
public MyService(ICookieConsentService cookieConsentService)
{
// check if user has given consent for the analytics category
cookieConsentService.HasConsentForCategory(ConsentCategory.Analytics);
// check if user has given consent for a certain cookie
cookieConsentService.HasConsentForCookie("my-cookie-name");
}
}