DEV Community

Roel
Roel

Posted on

How to: Use a Bitmask-Based Rights System for Cookie Consent

Have you ever been in a position where you need to track multiple choices of a user and want to avoid having to create a new seperate variable for each of those choices? That is where Bitmask can be your hero!

In the following example we will set up user cookie consent using bitmask to have a real-world example.

Managing user consent for cookies can get messy when dealing with multiple categories. A bitmask-based rights system offers a compact and efficient way to store and evaluate consent using binary flags.

Step 1: Define Categories as Powers of 2

Assign each cookie category a unique power-of-2 value:

[Flags]
public enum CookieConsent
{
    None = 0,
    Necessary = 1,      // 2^0
    Preferences = 2,    // 2^1
    Statistics = 4,     // 2^2
    Marketing = 8       // 2^3
}
Enter fullscreen mode Exit fullscreen mode

This allows combinations to be stored as a single integer.

Step 2: Store Combined Consent as an Integer

If a user consents to Necessary, Statistics, and Marketing, the combined value is:

var consent = CookieConsent.Necessary | CookieConsent.Statistics | CookieConsent.Marketing;
Enter fullscreen mode Exit fullscreen mode

You can store 13 in a cookie or database.

Step 3: Check Consent Using Bitwise Operations

To check if a user has consented to a specific category:

bool hasMarketing = (consent & CookieConsent.Marketing) != 0;
bool hasPreferences = (consent & CookieConsent.Preferences) != 0;
Enter fullscreen mode Exit fullscreen mode

This works even if multiple flags are combined.

Step 4: Deserialize from Stored Value

When reading the stored value (e.g. from a cookie):

var storedValue = 13;
var userConsent = (CookieConsent)storedValue;

if (userConsent.HasFlag(CookieConsent.Marketing))
{
    // Load marketing scripts
}

Enter fullscreen mode Exit fullscreen mode

The value 13 in binary is 1101, which corresponds to:

Necessary (1)
Statistics (4)
Marketing (8)
Enter fullscreen mode Exit fullscreen mode

So userConsent will contain:

CookieConsent.Necessary | CookieConsent.Statistics | CookieConsent.Marketing
Enter fullscreen mode Exit fullscreen mode

You can check individual flags like this:

if (userConsent.HasFlag(CookieConsent.Marketing))
{
    // Load marketing scripts
}

if (userConsent.HasFlag(CookieConsent.Preferences))
{
    // Will return false, since Preferences (2) is not included in 13
}
Enter fullscreen mode Exit fullscreen mode

Step 5: Extend with New Categories

Add new categories by continuing the power-of-2 pattern:

public enum CookieConsent
{
    None = 0,
    Necessary = 1,
    Preferences = 2,
    Statistics = 4,
    Marketing = 8,
    Analytics = 16      // 2^4
}
Enter fullscreen mode Exit fullscreen mode

This keeps the system scalable and backward-compatible.

Step 6: Store and Retrieve Consent in Cookies

You can store the combined consent value as an integer in a cookie:

Response.Cookies.Append("CookieConsent",((int)consent).ToString());
Enter fullscreen mode Exit fullscreen mode

To retrieve and parse it:

var storedValue = Request.Cookies["CookieConsent"];
var userConsent = (CookieConsent)int.Parse(storedValue);
Enter fullscreen mode Exit fullscreen mode

Step 7: Use Consent Flags in Middleware or Services

Use the flags to conditionally load services or scripts:

if (userConsent.HasFlag(CookieConsent.Marketing))
{
    // Load marketing scripts
}

if (userConsent.HasFlag(CookieConsent.Analytics))
{
    // Enable analytics tracking
}
Enter fullscreen mode Exit fullscreen mode

Step 8: Optional – Serialize to Frontend

If you need to pass consent flags to JavaScript:

var consentFlags = new
{
    Necessary = userConsent.HasFlag(CookieConsent.Necessary),
    Preferences = userConsent.HasFlag(CookieConsent.Preferences),
    Statistics = userConsent.HasFlag(CookieConsent.Statistics),
    Marketing = userConsent.HasFlag(CookieConsent.Marketing),
    Analytics = userConsent.HasFlag(CookieConsent.Analytics)
};

return Json(consentFlags);
Enter fullscreen mode Exit fullscreen mode

This allows the frontend to react accordingly.

This system can be applied to even more scenario's if you feel like it. Examples can be user permissions/access control, file system attributes like hidden, readonly etc, or even log levels.

Top comments (0)