Click here to Skip to main content
Click here to Skip to main content

Session in ASP.NET MVC

, 27 Jun 2014 CPOL
Rate this:
Please Sign up or sign in to vote.
Session in ASP.NET MVC

Introduction

In web applications, we use sessions to:

  1. Check if the user is logged in or not
  2. Save permission information
  3. Save temporary data

And some time, we may need to use saved session objects frequently. Here, we will try to centralize our session utility in a single base controller, so that we can use the session objects from other controllers with minimum effort.

Background

Before the beginning, we have to consider some things like:

  1. We are going to use a single session for full web project, which is a good practice.
  2. If a controller is session dependent and session is null, we are going to redirect to a login page.
  3. Not all controllers are session dependent, like LogOnController and ErrorController. So if the session is null, it would not redirect to the login page, and would render its default.

Using the Code

Here is the base controller for our application, which deals with the session utilities. TSource is the Model type which we want to save in to the session. Now, we can use it in two ways.

  1. If the controller is not session dependent, we simply avoid the inheritance.
  2. If the controller is not session dependent, but we are inheriting from the base controller.

Then IsNonsessionController methods nonsessionedController list is important, where we have to specify the names of which controller does not depend on sessions:

public class ApplicationController<TSource> : Controller
{
    private const string LogOnSession = "LogOnSession";  //session index name
    private const string ErrorController = "Error";      //session independent controller
    private const string LogOnController = "LogOn";      //session independent and LogOn controller    
    private const string LogOnAction = "LogOn";          //action to rederect

    protected ApplicationController()
    {           
    }

    protected override void Initialize(RequestContext requestContext)
    {
        base.Initialize(requestContext);
        /*important to check both, because logOn and error Controller should be access able with out any session*/
        if (!IsNonSessionController(requestContext) && !HasSession())
        {
            //Rederect to logon action
            Rederect(requestContext, Url.Action(LogOnAction, LogOnController)); 
        }
    }

    private bool IsNonSessionController(RequestContext requestContext)
    {
        var currentController = requestContext.RouteData.Values["controller"].ToString().ToLower();
        var nonSessionedController = new List<string>() {ErrorController.ToLower(), LogOnController.ToLower()};
        return nonSessionedController.Contains(currentController);
    }

    private void Rederect(RequestContext requestContext, string action)
    {
        requestContext.HttpContext.Response.Clear();
        requestContext.HttpContext.Response.Redirect(action);
        requestContext.HttpContext.Response.End();
    }

    protected bool HasSession()
    {
        return Session[LogOnSession] != null;
    }

    protected TSource GetLogOnSessionModel()
    {
        return (TSource)this.Session[LogOnSession];
    }

    protected void SetLogOnSessionModel(TSource model)
    {
        Session[LogOnSession] = model;
    }

    protected void AbandonSession()
    {
        if (HasSession())
        {
            Session.Abandon();
        }
    }
}

Here LogOnModel is the model which object can be set in to session. And in every controller, we are going to use the base controller like if the controller wants to deal with session.

public class LogOnController : ApplicationController<LogOnModel>
{
}

To set session, or to destroy it on logout, or to get the session from any sub controller, we have to use it like:

/*Set model to session*/
LogOnModel model = new LogOnModel();
SetLogOnSessionModel(model);

/*destroy current session*/
AbandonSession();

/*Shows the session*/
LogOnModel sessionModel = GetLogOnSessionModel();

Limitations

Here, we have worked with single session only. But your application may need to deal with multiple sessions. To do so, we have to make some changes here. If you need anything like this, just knock me, I already made one to serve such a purpose. If I have time, I will post it within a week.

Find the project attachment, which is a VS 2010 solution and contains MVC3 project.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Share

About the Author

DiponRoy

Bangladesh Bangladesh
No Biography provided

Comments and Discussions

 
QuestionAbout Multiple sessions.. PinmemberBALAG BE22-Jan-15 0:38 
AnswerRe: About Multiple sessions.. PinmemberDiponRoy23-Jan-15 11:26 
QuestionVerification Pinmemberphilals8-Sep-14 14:07 
AnswerRe: Verification Pinmemberdiponsust9-Sep-14 1:00 
GeneralMy vote of 2 PinprofessionalSamer Abu Rabie28-Jun-14 11:28 
GeneralRe: My vote of 2 Pinmemberdiponsust28-Jun-14 22:16 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.150129.1 | Last Updated 27 Jun 2014
Article Copyright 2014 by DiponRoy
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid