3

In my Asp.Net MVC application, I want to hide the cart and some buttons if the session is expired.

Here is what I found to do that : How to call function on timer ASP.NET MVC

window.setInterval(function() {
  // Send an AJAX request every 5s to poll for changes and update the UI
  // example with jquery:
  $.get('/foo', function(result) {
    // TODO: use the results returned from your controller action
    // to update the UI
  });
}, 5000);

The question is about the effect of this type of ajax calls on the session. Will an ajax call like this extend the session or as it is not an user action, the session will expire at the end ?

Rory McCrossan
  • 331,213
  • 40
  • 305
  • 339
Coskun Ozogul
  • 2,389
  • 1
  • 20
  • 32
  • 1
    Yes, sending the request will extend the session, so this pattern is flawed. – Rory McCrossan Sep 20 '18 at 09:05
  • I don't know if I should ask another question. In this case, is there any way to check if the session is expired periodicly ? – Coskun Ozogul Sep 20 '18 at 09:07
  • https://stackoverflow.com/questions/3877646/handler-with-irequiressessionstate-does-not-extend-session-timeout It seems that you can remove this functionality by removing a header. But im not sure what header since the OP of the linked question removes all. – Mark Baijens Sep 20 '18 at 09:10
  • Thanks for comments, I am going to try your article. And I found this : https://www.codeproject.com/Questions/457540/Redirect-to-Session-Expired-Page-When-Session-time I will update my question if I find a solution. – Coskun Ozogul Sep 20 '18 at 09:18
  • If you find a solution, don't update your _question_. Instead, write the solution in the _answers_ section of the page. Thanks. – ADyson Sep 20 '18 at 09:27
  • 1
    Yes, it was what I wanted to say but I couldn't be clear :) Thanks. I am going to post the solution as answer if I find it. – Coskun Ozogul Sep 20 '18 at 09:35

1 Answers1

0

Here is the soulution:

Added this class in my appication :

   using System;
   using System.Web;
   using System.Web.Mvc;
   using System.Web.Security;

namespace Capron.MVC.Filters
{
   [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, Inherited = true, AllowMultiple = true)]
   public class SessionExpireFilterAttribute : ActionFilterAttribute
   {
      public override void OnActionExecuting(ActionExecutingContext filterContext)
      {
        if (filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.ToLower() == "home" 
            && (filterContext.ActionDescriptor.ActionName.ToLower() == "index" 
            || filterContext.ActionDescriptor.ActionName.ToLower() == "ındex")) {
            base.OnActionExecuting(filterContext);
            return;
        }
        HttpContext ctx = HttpContext.Current;
        if (ctx.Session != null)
        {
            if (ctx.Session.IsNewSession)
            {
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    string sessionCookie = ctx.Request.Headers["Cookie"];
                    if (sessionCookie != null && sessionCookie.IndexOf("ASP.NET_SessionId") >= 0)
                    {
                        filterContext.HttpContext.Response.StatusCode = 401;
                        filterContext.HttpContext.Response.End();
                    }
                }
                else
                {
                    ctx.Response.Redirect("~/Home/Index");
                }
            }
        }
         base.OnActionExecuting(filterContext);
      }
   }
}

And added this attribute to my controller:

[SessionExpireFilterAttribute]
public class HomeController : BaseController
{
 ...
Seabizkit
  • 2,417
  • 2
  • 15
  • 32
Coskun Ozogul
  • 2,389
  • 1
  • 20
  • 32