如何注销用户时，会话超时或结束 [英] How to log out a user when a session times out or ends

问题描述

请告诉我注销用户在会话结束或过期的最佳方法？

Whats the best way to log out a user when a session ends or expires?

感谢您的帮助。

推荐答案

这真的取决于你在寻找所需的功能。我会假设你正在使用FormsAuthentication。

It really depends on the desired functionality you're looking for. I'm going to assume you're using FormsAuthentication.

有是你需要关心两回事：在会话和 FormsAuthentication 的cookie。除非我错了，这两个具有独立的超时。

There's two separate things you need to be concerned about: the Session and the FormsAuthentication cookie. Unless I'm mistaken, both of these have separate timeouts.

如果您遇到的问题是，会话超时，但用户仍然通过验证，你可以试试下面的组合：

If the problem you're having is that the session is timed out but the user still is authenticated, you could try a combination of the following:

1：确保身份验证Cookie具有相同的超时值作为会话：

1: Making sure the authentication cookie has the same timeout value as the session:

<authentication mode="Forms"><forms ... timeout="20" ... ><authentication>
<sessionState ... timeout="20" ... />

2：在你的Page_Load事件中，检查是否会话超时：

2: In your Page_Load event, check if the session has timed out:

if (context.Session != null && Context.Session.IsNewSession == true &&
    Page.Request.Headers["Cookie"] != null &&
    Page.Request.Headers["Cookie"].IndexOf("ASP.NET_SessionId") >= 0)
{
    // session has timed out, log out the user
    if (Page.Request.IsAuthenticated)
    {
        FormsAuthentication.SignOut();
    }
    // redirect to timeout page
    Page.Response.Redirect("/Timeout.aspx");
}

（见<一href=\"http://www.eggheadcafe.com/articles/20051228.asp\">http://www.eggheadcafe.com/articles/20051228.asp对检测会话超时信息）

如果你想要一个更愉快的用户体验，您可以使用JavaScript X分钟后启动某种模态UI弹出窗口。该弹出只会允许用户启动一个按钮，点击它会触发服务器上的AJAX回传，从而延长他们无需重新加载页面的认证和会话cookie。我从来没有实现这之前，但看起来，这个家伙做了ASP.NET AJAX控制！

If you want a more pleasant user experience, you could use javascript to initiate some sort of a modal UI popup after X minutes. This popup would simply allow a user to initiate a button-click which would trigger an AJAX postback on the server, thus extending their authentication and session cookie without them having to reload the page. I've never implemented this before but look, this guy made an ASP.NET AJAX control !

这篇关于如何注销用户时，会话超时或结束的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！