locked
Cookies expired within Short Time even though has been set to expired 24 Houes RRS feed

  • Question

  • User989035446 posted

    Hi,

    I use cookies to control simultaneous login of same user. With that I create a cookies of life time 24 hours. My code is as per below.

      private static void CreateUserLoginTokenCookies(String vstrGuid)
            {
                try
                {
                    HttpCookie UserLoginTokenCookie = new HttpCookie("SMARTUserLoginToken");
                    UserLoginTokenCookie.Values.Add("UserToken", vstrGuid);
                    UserLoginTokenCookie.Expires = DateTime.Now.AddHours(24);
                    //UserLoginTokenCookie.Expires.Add(new TimeSpan(1, 0, 0));
                    HttpContext.Current.Response.Cookies.Add(UserLoginTokenCookie);
    
                }
                catch (Exception ex)
                {
                    throw ex;
                }
            }

    The problem is that the cookies is not readable in 10- 15 minutes. I encounter error at line HttpCookie UserLoginTokenCookie = Request.Cookies["SMARTUserLoginToken"]; with error message below.

    Object reference not set to an instance of an object

    Below is my code of retrieving cookies. Can anyone advise? I had set the cookies to expire 24 hours later but it expires so fast? Or it is not the way to check simultaneous login. Help!!

    private static void ValidateUserToken(HttpContext asp_net_context, Int32 viUserId)
            {
    
                DataSet dsUserToken = new DataSet();
    
                Util.set_context(asp_net_context);
    
                HttpRequest Request = asp_net_context.Request;
                HttpResponse Response = asp_net_context.Response;
    
                HttpCookie UserLoginTokenCookie = Request.Cookies["SMARTUserLoginToken"];
    
                if (UserLoginTokenCookie == null)
                {
                    Response.Redirect("default.aspx?ErrMsg=Please login again to get authrozied.");
                }
                else if (string.IsNullOrEmpty(UserLoginTokenCookie.Values["UserToken"]))
                {
    
                    Response.Redirect("default.aspx?ErrMsg=Please login again to get authrozied.");
    
                }
                else
                {
                    dsUserToken = getUserLoginToken(viUserId);
                    String strTokenValueInDB;
                    String strTokenValueInCookie;
    
                    strTokenValueInDB = dsUserToken.Tables[0].Rows[0]["UserToken"].ToString().Trim();
                    strTokenValueInCookie = UserLoginTokenCookie.Values["UserToken"].ToString().Trim();
    
                    if (strTokenValueInDB != strTokenValueInCookie)
                    {
                        // w.WriteLine("Value not equal\n");
                        Response.Redirect("default.aspx?ErrMsg=Multi login session for the same account detected. Your current login session is terminated. Please log in to continue.");
    
    
                    }
    
                }
    
    
            }



    Wednesday, April 14, 2021 8:14 AM

Answers

  • User753101303 posted

    The problem is that this line

    HttpCookie UserLoginTokenCookie = Request.Cookies["SMARTUserLoginToken"];

    does NOT fail if the cookie expired. It will just return a null HttpCookie (and on the next line you are testing if this object is null).

    "Object referefence does not set to an instance of an object" happens when you try to access an object member while the object is null. So if it happens really on this line it would rather mean that Request is null I suspect Uril..set_contextt could perhaps do something wrong ???

    You could use the browser development tools to check the cookie xxpiration date but for now it seems to me you assume a root cause that doesn't actiually match the problem you have.

    Edit: for example my first move would be to try :

    if(Request==null) throw new ArgumentNullException("Request"); // does it happen ?
    HttpCookie
    UserLoginTokenCookie = Request.Cookies["SMARTUserLoginToken"];

    Edit 2: or if you prefer I have a lbl Label as well as a create and a refresh button with the following code:

        protected void Page_Load(object sender, EventArgs e)
            {
                var c = Request.Cookies["test"];
                lbl.Text = c == null ? "null" : "!null";
            }
    
            protected void create_Click(object sender, EventArgs e)
            {
                var c = new HttpCookie("test");
                c.Expires = DateTime.Now.AddSeconds(15);
                Response.Cookies.Add(c);
            }

    I create a cookie using the "create" button and then  I use the "refresh" button to show the page again which shows "!null". After around 15 seconds it doesn't fail with the "Objet reference not set to an instance" error message. it just shows that the retrieved cookie object is null.

    IMO really double check what happens. For now it really seems to me that have some other problem than an expired cookie.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 14, 2021 10:26 AM

All replies

  • User753101303 posted

    Hi,

    But then as expressed in your code I would expect UserLoginTokenCookie to be null. Could it be that the Requesrt ojbect is null ? This is called from where ?

    Edit: What does Util.set_context(asp_net_context); ?

    Wednesday, April 14, 2021 8:46 AM
  • User989035446 posted

    Hi PatriceSc,

    Both the code are inside Login.aspx.  CreateUserLoginTokenCookies() is called after success login and ValidateUserToken() is called after CreateUserLoginTokenCookies().

    Error happened below code in ValidateUserToken().I had set the cookied to expire after 24  hours but i can't read the cookies after 10-15 minutes. Do you have any idea?

     HttpCookie UserLoginTokenCookie = Request.Cookies["SMARTUserLoginToken"];

    Wednesday, April 14, 2021 9:06 AM
  • User753101303 posted

    The problem is that this line

    HttpCookie UserLoginTokenCookie = Request.Cookies["SMARTUserLoginToken"];

    does NOT fail if the cookie expired. It will just return a null HttpCookie (and on the next line you are testing if this object is null).

    "Object referefence does not set to an instance of an object" happens when you try to access an object member while the object is null. So if it happens really on this line it would rather mean that Request is null I suspect Uril..set_contextt could perhaps do something wrong ???

    You could use the browser development tools to check the cookie xxpiration date but for now it seems to me you assume a root cause that doesn't actiually match the problem you have.

    Edit: for example my first move would be to try :

    if(Request==null) throw new ArgumentNullException("Request"); // does it happen ?
    HttpCookie
    UserLoginTokenCookie = Request.Cookies["SMARTUserLoginToken"];

    Edit 2: or if you prefer I have a lbl Label as well as a create and a refresh button with the following code:

        protected void Page_Load(object sender, EventArgs e)
            {
                var c = Request.Cookies["test"];
                lbl.Text = c == null ? "null" : "!null";
            }
    
            protected void create_Click(object sender, EventArgs e)
            {
                var c = new HttpCookie("test");
                c.Expires = DateTime.Now.AddSeconds(15);
                Response.Cookies.Add(c);
            }

    I create a cookie using the "create" button and then  I use the "refresh" button to show the page again which shows "!null". After around 15 seconds it doesn't fail with the "Objet reference not set to an instance" error message. it just shows that the retrieved cookie object is null.

    IMO really double check what happens. For now it really seems to me that have some other problem than an expired cookie.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, April 14, 2021 10:26 AM
  • User989035446 posted

    Hi  PatriceSc,

    Thank you so much for the adivse. You are right that the problem does not come from 

    HttpCookie UserLoginTokenCookie = Request.Cookies["SMARTUserLoginToken"];

    It is the code below that reset the HttpRequest

    Util.set_context(asp_net_context);

    After removing the code, the multi session control has ben working for 2 weeks.

    Thank you so much!!

    Wednesday, April 28, 2021 4:27 AM