0

I am currently in the process of sketching-out an application that allows real-time interactions with website visitors.

Therefore, I have two different "User-types":

  1. Unregistered User: these are the visitors
  2. Registered User: these have a (custom) ASP.NET MVC membership

Now, I am persisting "UserNames" and ConnectionIds in a DB so I can freely scale at some point in the future. I do this by accessing Context.Identiy.User.UserName from within the Hub and then query the DB for any existing "sessions".

Here is the problem:

  1. I need two different types of "User"
    1. For one, I want to dynamically generate a GUID - these are the visitors and will be removed from the database after a given amount of inactivity.
    2. These are the admins, they have their proper identities attached to the Context object.

So, how would one go about accessing a "session" from SignalR? It is not really a Session, I just need to get a SessionId from a Cookie on each initial request to the MVC-Controller, that's all. All I need to be able to do is:

  1. Have an auto-generated "SessionId" which I can use to persist visitors across requests
  2. Have a more "extended" identity: I want to use UserId instead of UserName

Anyway, I hope this makes sense but chip in if anything is unclear.

JDR
  • 1,094
  • 1
  • 11
  • 31
  • Just render Hidden Field in Layour.cshtml that will hold value of HttpContext.Session.SessionID and you can access that value from your JS – HaBo Aug 22 '13 at 17:39
  • Thanks for sharing your idea HaBo. I would be interested if that has any security implications as opposed to using a properly encrypted cookie carrying that information. However, afaik, this cannot be read using SignalR. – JDR Aug 22 '13 at 17:41
  • I am not sure how you are triggering your signalR, if you are triggering your SignalR using JS then this is a decent way, and there should be an major security breaches by having sessionId in hidden field, it depends up on what type of application is this and what is your security concerns and policy. – HaBo Aug 22 '13 at 17:45
  • Well, it is mostly like a live chat that can be included into a website via JS (cross-domain). Or I suppose when the JS-file is requested (it is a Controller-action), I could generate a Cookie, read that cookie within the JS file and send that to SignalR? It just needs to stay there across requests. I would have loved for there to be a way to simply access "Context.Identity.Visitor.UniqueId" - that would solve everything. – JDR Aug 22 '13 at 17:48
  • If it is all about getting unique ID of anonymous user on chat, then see this Context.ConnectionId http://www.codeproject.com/Articles/562023/Asp-Net-SignalR-Chat-Room I have implemented it on my website http://www.harshabopuri.com/chat – HaBo Aug 22 '13 at 18:21
  • Thanks again HaBo. Well, I am wanting to store all ConnectionIds of a user anyway (EFUserEntity.ConnectionIds). So I need one Id that is persistent across all requests (page change/refresh). Ideally, I would store that Id in a Cookie which I can access within my Hub. That would save me from having to read the Cookie via JavaScript, send it to the Hub and then decrypt it. Anyway, maybe I am also not thinking entirely straight on the topic!? – JDR Aug 23 '13 at 09:04

1 Answers1

0

Okay, I just realised that I can use "HttpContext.Current.Request.AnonymousId" and I am linking this up to a Session-database.

Here some relevant documentation: http://msdn.microsoft.com/en-us/library/system.web.httprequest.anonymousid.aspx

This solved my problem in this case. :-)

JDR
  • 1,094
  • 1
  • 11
  • 31