About keeping session alive in mvc

Question

hello, Hope everyone is doing fine I want to redirect to logout page after session is null or expired. I am able to do it with Global.asax file with following code : I have created Session["LoginCheckSession"] while login or after signup. public class SessionTimeoutAttribute : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { HttpContext ctx = HttpContext.Current; if (HttpContext.Current.Session["LoginCheckSession"] == null) { filterContext.Result = new RedirectResult("~/Home/Index"); return; } base.OnActionExecuting(filterContext); } } But I have TWO different sessions for two different Login pages, one for Admin and Other for User With the above code, I can only redirect to either Admin or User Login page So is there any way I can use two different sessions on global.asax file and then redirect to a different login page Or anyway I can keep the session alive for a long time thank you in advance

Sachin Singh · Answer

if you have two login pages then you will have to use two sessions use set session["User"]= true; when user logs in . set session["Admin"]=true ; when Admin logs in. then in your global.asax void Session_Start( object sender, EventArgs e) { // Code that runs when a new session is started if (Session[ "User" ]!= null && Session[ "User" ]) { //Redirect to wherever your user shoud go after successful login Response.Redirect( "~/Home/UserIndex" ); } else if (Session[ "Admin" ]!= null Session[ "Admin" ]) { //Redirect to wherever your Adminshoud go after successful login Response.Redirect( "~/Home/AdminIndex" ); } elseif(Session[ "User" ]== null ) { Response.Redirect( "~/home/Admin" ); // yes Admin not user its opposite } if (Session[ "Admin" ]== null ) { Response.Redirect( "~/home/User" ); // yes User not Admin its opposite } }

Sachin Singh · Answer

hii please let me know the business flow, there is your application suppose i am admin and wants to login to your application then is there two Login buttons in your navigation like below If Not then how do you decide which login page to show.I'm puzzeled.

Sachin Singh · Answer

i could not understand what do you mean by two login page , there is always one login page after login it is decided where to redirect , otherwise how could you know who has came for login, how come you decide and display different login pages to user when you don't know whether user is a normal user or Admin?????

Sachin Singh · Answer

if it is not working it means you are not utilizing the filter properly , so use the simple one, i am giving the complete code , just follow each step carefully. step 1. Global.asax void Session_Start(object sender, EventArgs e) { // Code that runs when a new session is started if (Session[ "LoginUserName" ]== "User" ) { //Redirect to Home/ index Response.Redirect( "~/Home/Index" ); } else if (Session[ "LoginUserName" ]== "Admin" ) { //Redirect to Login Page if Session is null & Expires Response.Redirect( "~/Admin/Index" ); } else { Response.Redirect( "~/Account/Login" ); } step 2.Web.config (i am giving 15 minutes timeout, change as per your requirement) "InProc" timeout= "15" /> step 3. Login Action method [HttpPost] blic ActionResult Login(string UserType) { Session[ "LoginUserName" ] =UserType; // send admin if admin logs in or user if // user logs in esponse.Redirect( "Welcome.aspx" ); } Now when admin logs in it will be redirected to admin page , if user logs in then user page if session is null or time out then login page, thats it.

Sachin Singh · Answer

Create the filter as i have suggested with if else, just copy paste. Your problem will be resolved.

Sachin Singh · Answer

Better is to use one session as Session["user"], in your Login Method If user logs in then store Sesson["name"]="user"; If Admin logs in then Store Sesson["name"]="Admin"; Then in your attribute if session is null redirect to Login page if session has user value redirect to home/index if session has admin value redirect to Admin/index public class SessionTimeoutAttribute : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { HttpContext ctx = HttpContext.Current; If(session[ "user" ]!=null) { if(session[ "user" ]== "user" ) { filterContext.Result = new RedirectResult( "~/Home/Index" ); } else { filterContext.Result = new RedirectResult( "~/Admin/Index" ); } Else { filterContext.Result = new RedirectResult( "~/Account/Login" ); }

Guest User · Answer

Yes, So can I check two sessions in global.asax file , Just like below That is my main question, will it be any issue ? public class SessionTimeoutAttribute : ActionFilterAttribute { public override void OnActionExecuting(ActionExecutingContext filterContext) { HttpContext ctx = HttpContext.Current; if (HttpContext.Current.Session["LoginCheckSession"] == null) { filterContext.Result = new RedirectResult("~/User/Login"); return; } if (HttpContext.Current.Session["LoginCheckAdminSession"] == null) { filterContext.Result = new RedirectResult("~/admin/Login"); return; } base.OnActionExecuting(filterContext); } }

Guest User · Answer

So the login page url for User looks like : http://localhost:50843/Home/Index So the login page url for Admin looks like : http://localhost:50843/HqAdmin/Index After User login, I have created Session["LoginCheckSession"]="User" & After Admin Login, I have created Session["LoginCheckSession"]="Admin" So the User Panel and Admin Panel are in the same project , I cannot redirect to two different login page from global.asax file

Guest User · Answer

Thank you for reply ! Yes, there are two login pages, because there are two different tables. For User it is UserMaster and for Admin it is AdminMaster It is not based on UserType, because the Login information is coming from 2 different tables. Yes, if it is a single table for both User and Admin, then it would be based on Usertype and there won't be any issue redirecting to that single Login page.

Guest User · Answer

Hello Sachin Singh, Thank you for your kind reply in detail. In your case, when the session is null or time out it will only redirect to one Login page which is Response.Redirect( "~/Account/Login" ) But in my case, there are 2 different Login page. After User login, I have created Session["LoginCheckSession"]="User" & After Admin Login, I have created Session["LoginCheckSession"]="Admin" : Login page for User is : /Home/index & Login page for Admin is : /HqAdmin/Index so when Session["LoginCheckSession"]="User" expires, it should redirect to User Login Page /Home/index & when Session["LoginCheckSession"]="Admin" expires, it should redirect to Admin Login Page /HqAdmin/index Your code looks good when there is only one Login page (Correct me if I'm wrong) Thank you again for your reply.

Guest User · Answer

Thanks for your reply Sachin Singh You said " Create the filter as i have suggested with if else, just copy paste. Your problem will be resolved. " But how it will check which session value is expired and accordingly will redirect to Login page Your guidance will be really appreciate Can you show code how that can be achieved Thank you

Guest User · Answer

Thank Sachin Singh for your reply I am using same condition on global.asax file I am using Session["LoginCheckSession"]="User" for Use Panel and Session["LoginCheckSession"]="Admin" for Admin Panel But when session expires, it redirects either to User panel login or Admin Panel login page, with following condition which I am using : if (HttpContext.Current.Session["LoginCheckSession"] == null) { filterContext.Result = new RedirectResult("~/Home/Index"); return; } so how to redirect to User Login page if Session["LoginCheckSession"]="User" expires and how to redirect to Admin Login page if Session["LoginCheckSession"]="Admin" expires With my condition, I can only redirect to Admin or User Login page