在ASP.NET的MVC存储会话数据 [英] Storing session data in asp .net mvc
问题描述
我用会话
在我的应用程序存储喜欢的用户名某些数据(写你好,......)等等。另外,我使用 FormsAuthentication
来验证用户,使控制器具有code是这样的:
保护无效SetAuthCookie(INT用户id)
{
FormsAuthentication.SetAuthCookie(userId.ToString(),TRUE);
用户的用户= Repositories.UserRepository.GetUserById(用户ID); 会话[名称] = user.Name;
会话[电子邮件] = user.Email;
会话[平衡] = user.TotalBalance +/+ user.ActiveBalance;
会话[isConfirmed] = user.IsConfirmed;
会话[电话] = user.Phone;
}
所以,当我经过一番code重新启动应用程序改变会话数据被破坏,但用户仍然通过身份验证,所以我有很糟糕的情况,我想解决它。在一方面,我可以建立地方code,如果会话数据是确定的,将检查否则刷新。在另一方面,我可能会错过正确的方式存储这些数据的一些技巧?
什么是在这种情况下最好的解决方案?
<的sessionState模式=是InProccustomProvider =DefaultSessionProvider>
<供应商>
<添加名称=DefaultSessionProviderTYPE =System.Web.Providers.DefaultSessionStateProvider,System.Web.Providers,版本= 1.0.0.0,文化=中性公钥= 31bf3856ad364e35的connectionStringName =DefaultConnection/>
< /供应商>
< /&的sessionState GT;
我也有过类似的问题解决了像这样在的global.asax.cs 文件:它会强制注销,如果会议是空的,并且请求进行身份验证。 (采取总是sholud被设置为检查空会话的一个值)
保护无效Application_ preRequestHandlerExecute(对象发件人,EventArgs的发送)
{
ForceLogoutIfSessionExpired();
} ForceLogoutIfSessionExpired私人无效()
{
如果(Context.Handler是IRequiresSessionState)
{
如果(Request.IsAuthenticated)
{
如果(HttpContext.Current.Session [名称] == NULL)
{
AuthenticationHandler.SignOut(响应);
的Response.Redirect(FormsAuthentication.LoginUrl,真);
}
}
}
I'm using Session
in my application to store some data like user name(to write hello,...) and so on. Also, I'm using FormsAuthentication
to authenticate user, so controllers have code like this:
protected void SetAuthCookie(int userId)
{
FormsAuthentication.SetAuthCookie(userId.ToString(), true);
User user = Repositories.UserRepository.GetUserById(userId);
Session["name"] = user.Name;
Session["email"] = user.Email;
Session["balance"] = user.TotalBalance + " / " + user.ActiveBalance;
Session["isConfirmed"] = user.IsConfirmed;
Session["phone"] = user.Phone;
}
So, when I restart application after some code changes session data is destroyed, but user is still authenticated, so I have very bad situation and I want to fix it. On the one hand, I can create code somewhere, that will check if session data is ok and refresh it otherwise. On the other hand, may I miss some technique of storing this data in the right way?
What is the best solution in this situation?
<sessionState mode="InProc" customProvider="DefaultSessionProvider">
<providers>
<add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
</providers>
</sessionState>
I've had a similar problem solved it like this in the global.asax.cs file: It will force a logout if session is empty and the request is authenticated. (take one of your session values that always sholud be set to check for null)
protected void Application_PreRequestHandlerExecute(object sender, EventArgs e)
{
ForceLogoutIfSessionExpired();
}
private void ForceLogoutIfSessionExpired()
{
if (Context.Handler is IRequiresSessionState)
{
if (Request.IsAuthenticated)
{
if (HttpContext.Current.Session["name"] == null)
{
AuthenticationHandler.SignOut(Response);
Response.Redirect(FormsAuthentication.LoginUrl, true);
}
}
}
这篇关于在ASP.NET的MVC存储会话数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!