locked
ASP.NET Core MVC Session Alternative ? RRS feed

  • Question

  • User-150047965 posted

    I'm developing e-commerce system asp.net core mvc, I use session but I think this is a bad method. For example if user not make action session boom. I want to generate token and use.

    Does that make sense ? What is your suggestions ?

    Thursday, October 3, 2019 2:51 PM

All replies

  • User-821857111 posted

    What are you using session for? 

    Thursday, October 3, 2019 3:06 PM
  • User-150047965 posted

    Login to e-commorce with username,password from database

    Thursday, October 3, 2019 3:10 PM
  • User-474980206 posted

    its hard to imagine an e-commerce system that doesn't use session. though  for many (like amazon) its common to uses non-expiring sessions, although authorization expires. 

    asp.net core session are just a token in a cookie. Core fixed the performance issues with the old session manager.

    Thursday, October 3, 2019 3:12 PM
  • User-821857111 posted

    Login to e-commorce with username,password from database

    You should use ASP.NET Identity to manage authentication. 

    Thursday, October 3, 2019 3:19 PM
  • User753101303 posted

    Hi,

    Things are not bad or good. You have to understand them. Always favor what comes out of the box. ASP..NET does have an extensive system to manage authentication/authorization/users out of the box.

    To get back at session variables, I try to use them only for small, never changing, often used information I can reload on demand. This way the app is not sensitive to a missing session variable. It will just reload the value as needed (and it doesn't apply to knowing if a user is logged or not which is why you have this problem).

    Thursday, October 3, 2019 5:17 PM