vb.net asp.net-mvc-3 variables session-cookies formsauthentication

FormsAuthentication Cookie Caching


I am having an issue where my authcookie is not being dropped on browser close, or when a different user signs in.

My cookie is declared here:

    If ModelState.IsValid Then

        'look up the user; FirstOrDefault returns Nothing for an unknown username instead of throwing
        Dim user = db.users.FirstOrDefault(Function(t) t.NT_id = model.NT_id)

        'check username and password
        If user IsNot Nothing AndAlso model.pwd = user.pwd Then

            'create an authentication cookie
            FormsAuthentication.SetAuthCookie(model.NT_id, False) 'set to false to destroy cookie on browser close

            'redirect action if login is successful
            Return RedirectToAction("Construction", "Home")
        Else
            ModelState.AddModelError("", "Invalid Username or Password")
        End If
    End If
    Return View(model)

I know this isn't dropping the cookie because I have a variable to show me the cookie username:

    Public Shared uNT_id = If(HttpContext.Current.User.Identity.IsAuthenticated, HttpContext.Current.User.Identity.Name, System.Environment.UserName)

Solution

  • This was resolved by turning all the variables to properties with get and set to stop them from caching.

    Public Class userinfo
        'the getter body runs on every access, so it reflects the user of the current request
        Public Shared Property uNT_id As String
            Get
                If HttpContext.Current.User.Identity.IsAuthenticated Then
                    Return HttpContext.Current.User.Identity.Name
                Else
                    Return System.Environment.UserName
                End If
            End Get
            'the setter stores nothing: it only reassigns its own value parameter
            Set(value As String)
                If HttpContext.Current.User.Identity.IsAuthenticated Then
                    value = HttpContext.Current.User.Identity.Name
                Else
                    value = System.Environment.UserName
                End If
            End Set
        End Property

        'each of the following getters queries the database for the current uNT_id on every access
        Public Shared Property uid As String
            Get
                Return db_apps.app_users.First(Function(t) t.NT_id = uNT_id).app_user_id
            End Get
            Set(value As String)
                value = db_apps.app_users.First(Function(t) t.NT_id = uNT_id).app_user_id
            End Set
        End Property

        Public Shared Property ussn As Integer
            Get
                Return db_apps.app_users.First(Function(t) t.NT_id = uNT_id).ssn
            End Get
            Set(value As Integer)
                value = db_apps.app_users.First(Function(t) t.NT_id = uNT_id).ssn
            End Set
        End Property

        Public Shared Property upwd As String
            Get
                Return db_apps.app_users.First(Function(t) t.NT_id = uNT_id).pwd
            End Get
            Set(value As String)
                value = db_apps.app_users.First(Function(t) t.NT_id = uNT_id).pwd
            End Set
        End Property

        Public Shared Property uname_first As String
            Get
                Return db_apps.app_users.First(Function(t) t.NT_id = uNT_id).name_first
            End Get
            Set(value As String)
                value = db_apps.app_users.First(Function(t) t.NT_id = uNT_id).name_first
            End Set
        End Property
    End Class
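
The difference between the question's `Shared` field and the answer's property, as an added console example that is not part of the original post: a `Shared` field initializer runs once for the whole application, so the first user's identity is served to every later request, while a property getter is re-evaluated on each access. `FakeRequest`, `CachedInfo`, `LiveInfo` and `Demo` are hypothetical names, and `FakeRequest.CurrentUser` is an assumed stand-in for `HttpContext.Current.User.Identity.Name`.

```vbnet
Imports System

' Stand-in for HttpContext.Current.User.Identity.Name (constructed for this example).
Public Class FakeRequest
    Public Shared CurrentUser As String
End Class

' Pattern from the question: a Shared field with an initializer.
Public Class CachedInfo
    ' The initializer runs once, no later than the first access to the field,
    ' and the stored value is then shared by every later caller.
    Public Shared uNT_id As String = FakeRequest.CurrentUser
End Class

' Pattern from the answer, written as a read-only property.
Public Class LiveInfo
    ' The getter body runs on every access, so it follows the current request.
    Public Shared ReadOnly Property uNT_id As String
        Get
            Return FakeRequest.CurrentUser
        End Get
    End Property
End Class

Public Module Demo
    ' Simulates one request by the given user and reports what each class returns.
    Public Function HandleRequest(user As String) As String
        FakeRequest.CurrentUser = user
        Return String.Format("request by {0}: cached={1} live={2}",
                             user, CachedInfo.uNT_id, LiveInfo.uNT_id)
    End Function

    Public Sub Main()
        ' Two constructed "requests" from different users in the same process.
        Console.WriteLine(HandleRequest("alice"))
        Console.WriteLine(HandleRequest("bob"))
    End Sub
End Module
```

The `cached` value does not change between the two calls, which is why lookups keyed on the cached name (such as `ssn` or `pwd` above) would return the first user's record to everyone.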