locked
Help Needed on persisting user data RRS feed

  • Question

  • User1489758560 posted

    Hi,

    I am learning asp.net core 2.2 razor and i have created a login page.once the users gets validated, the user information wil be retreived on the logi page. i want to use that user information(id,name,age,firstname, lastname and other information across the application). i don't want to do DB call every time to get this data so i wanted to have this in one place and wanted to use it whenever and wherever i needed. should i use cache or can this be achieved based on singleton or context? please advice me. it would be great to share some source code for reference.

    Thanks in advance.

    Wednesday, February 5, 2020 2:42 PM

Answers

  • User475983607 posted

    Thank you for the response and here is the full requirement. we have website which is built using asp.net framework 4.6 and from the website there will be a link which gets clicked should redirect to another website which is getting developed in asp.net core 2.2 razor.</div> <div> </div> <div>so the link will have the query string of user creds and will gets passed to the new application's authenticate page. along with authentication, we are bringing user's data which has to be used across the pages. so am struck with where to store  the user data to be used in other pages. basically i don't want to reach database every time to get user data.  <div>i am not using identity. infact don't know what to use. any help is much appreciated.</div> <div></div>

    I'm confused by your response.  The .NET 2.2 app, which is End of Life, is currently not secured?  The first step is adding security.  Cookie authentication is good choice.

    https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-3.1

    Once you have cookie auth working then craft an action or razor page to read the querystring, validate the user account, and add whatever claims you like to the token.  The claims will persist and available in every requests.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, February 5, 2020 5:43 PM
  • User711641945 posted

    Hi born2win,

    For the session is idle it has to log out,you could try the following code:

    services.ConfigureApplicationCookie(options =>
    {
         options.ExpireTimeSpan = TimeSpan.FromSeconds(5);
    });

    Best Regards,

    Rena

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, February 13, 2020 8:52 AM

All replies

  • User475983607 posted

    Hi,

    I am learning asp.net core 2.2 razor and i have created a login page.once the users gets validated, the user information wil be retreived on the logi page. i want to use that user information(id,name,age,firstname, lastname and other information across the application). i don't want to do DB call every time to get this data so i wanted to have this in one place and wanted to use it whenever and wherever i needed. should i use cache or can this be achieved based on singleton or context? please advice me. it would be great to share some source code for reference.

    Thanks in advance.

    .NET core 2.2 has the same persistent storage found in ASP.NET.  Can you be a bit more explicit in explaining how your application works and why you are having trouble persisting data?  Have you gone through the documentation?

    https://docs.microsoft.com/en-us/aspnet/core/fundamentals/app-state?view=aspnetcore-3.1

    Maybe you are using Identity and want to add id,name,age,firstname, lastname and other information across the application to the user's token?  

    Wednesday, February 5, 2020 2:57 PM
  • User1489758560 posted

    Thank you for the response and here is the full requirement. we have website which is built using asp.net framework 4.6 and from the website there will be a link which gets clicked should redirect to another website which is getting developed in asp.net core 2.2 razor.</div> <div> </div> <div>so the link will have the query string of user creds and will gets passed to the new application's authenticate page. along with authentication, we are bringing user's data which has to be used across the pages. so am struck with where to store  the user data to be used in other pages. basically i don't want to reach database every time to get user data.  <div>i am not using identity. infact don't know what to use. any help is much appreciated.</div> <div></div>

    Wednesday, February 5, 2020 3:30 PM
  • User753101303 posted

    Hi,

    ASP.NET Identity comes with a default EF implementation but you could use whatever underlying store you want and just the parts you actually need. It could be a bit overkill in your case but this way your app deals with a know interface you'll be able to easily replace if and when  needed (such as loading some information on demand, caching it or even using some other authentication later).

    Edit: forgot to provide https://docs.microsoft.com/en-us/aspnet/core/security/authentication/identity-custom-storage-providers?view=aspnetcore-3.1 which helps to better understand how ASP.NET Identity works rather than when starting from the full EF default implementation...

    Your custom SSO approach seems a bit questionable. You'll pass even the password through the query string. How the targeted application will know this is correct? Which authentication method is using the first application? You may want also to ask about that maybe in a new thread. You may have better options...

    Wednesday, February 5, 2020 4:14 PM
  • User475983607 posted

    Thank you for the response and here is the full requirement. we have website which is built using asp.net framework 4.6 and from the website there will be a link which gets clicked should redirect to another website which is getting developed in asp.net core 2.2 razor.</div> <div> </div> <div>so the link will have the query string of user creds and will gets passed to the new application's authenticate page. along with authentication, we are bringing user's data which has to be used across the pages. so am struck with where to store  the user data to be used in other pages. basically i don't want to reach database every time to get user data.  <div>i am not using identity. infact don't know what to use. any help is much appreciated.</div> <div></div>

    I'm confused by your response.  The .NET 2.2 app, which is End of Life, is currently not secured?  The first step is adding security.  Cookie authentication is good choice.

    https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-3.1

    Once you have cookie auth working then craft an action or razor page to read the querystring, validate the user account, and add whatever claims you like to the token.  The claims will persist and available in every requests.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Wednesday, February 5, 2020 5:43 PM
  • User1489758560 posted

    Hi AgaveJoe,

    Thank  you for the reply and based on your reply i understood that i can use claims to achieve the persistence of user data across the pages. Also, i am planning to use forms based authentication and if u use the below way, will take care of forms authentication? like after 30 mins, if the session is idle it has to log out.

    In the Startup.cs, configure method.
    
    app.UseCookieAuthentication(options =>
    {
      options.AutomaticAuthenticate = true;
      options.AutomaticChallenge = true;
      options.LoginPath = "/Home/Login";
    });
    Add Authorize attribute to protect the resources you want to secure.
    
    [Authorize]
    public IActionResult Index()
    {
      return View();
    }
    In the Home Controller, Login Post action method, write the following method.
    
    var username = Configuration["username"];
    var password = Configuration["password"];
    if (authUser.Username == username && authUser.Password == password)
    {
      var identity = new ClaimsIdentity(claims, 
          CookieAuthenticationDefaults.AuthenticationScheme);
    
      HttpContext.Authentication.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(identity));
    
      return Redirect("~/Home/Index");
    }
    else
    {
      ModelState.AddModelError("","Login failed. Please check Username and/or password");
    }

    Wednesday, February 5, 2020 6:23 PM
  • User711641945 posted

    Hi born2win,

    For the session is idle it has to log out,you could try the following code:

    services.ConfigureApplicationCookie(options =>
    {
         options.ExpireTimeSpan = TimeSpan.FromSeconds(5);
    });

    Best Regards,

    Rena

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, February 13, 2020 8:52 AM