locked
Session lost after log in RRS feed

  • Question

  • User-826730287 posted

    Hello 

    I am Logging to my system using the following code 

    [HttpPost]
            public ActionResult LogIn(Users Users)
            {
                if (ModelState.IsValid)
                {
                    Customers customer = new Customers();
                    int count = db.Customers.Count(x => x.email == Users.email && x.password == Users.password && x.status == 0);
                    var user = db.Customers.SingleOrDefault(x => x.email == Users.email && x.password == Users.password);
                    if (count > 0)
                    {
                        FormsAuthentication.SetAuthCookie(customer.email, true);
                        Session["LoggedCustomerId"] = user.customer_id;
                        Stabilizer.UserName = user.first_name + "." + user.sure_name;
                        TempData["user"] = user;
                        Session.Timeout = 480;
                        Stabilizer.CustomerId = user.customer_id;
                        if (TempData["source"] != null)
                        { 
                            return RedirectToAction("Checkout", "Products"); 
                        }
                        else {
                            return RedirectToAction("Profile", "Account", new { username = Stabilizer.UserName }); 
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("", "Invalide username or password");
                    }
                }
                return View();
            }

    and the process goes successfully, but when I click any link on the page the session timed out and the user is logged off and I do not know why?

    Thanks in advance!

    Saturday, March 30, 2013 2:29 PM

Answers

  • User-1620313041 posted
    I dont understand your login technique, you use both auth cookiie that is the standard asp.net authentication technique, but then you put some user infos in the Session, and some other in TempData. Consider that auth cookie and Session are not synchronized so one may expire while the other continue living. Moreover TempData just live one post...then it is cleared out. So I am not surprised you have similar problems.
    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Saturday, March 30, 2013 4:34 PM