asp.net-mvcsession-variablesfilterattribute

MVC User Authorised but Session variables are lost


when a user comes back to my site they are showing as still logged in due to the Auth Cookie (?) from the ASP.NETMembershipProvider I'm using. However the session varibles are no longer available. I've added a custom actionfilterattribute where I was going to check if the session variables are available or not, however the I dont seem to be able to access the session variables from the filterattribute.

I don't think I want to store the CustID in the cookie, I'd rather find a way of pulling it back from the db once I find out if they are authorized or not.


Solution

  • The expiration of the auth cookie and a session are not related, so they expire independently of each other.

    And easy solution is to have the session timeout set to a large value, this way if they are logged in (auth cookie is valid), then the session will still be available.