ASP.NET Core MVC Session Alternative ?

Question

User-150047965 posted

I'm developing e-commerce system asp.net core mvc, I use session but I think this is a bad method. For example if user not make action session boom. I want to generate token and use.

Does that make sense ? What is your suggestions ?

Answer 1

User-821857111 posted

What are you using session for? 

Answer 2

User-150047965 posted

Login to e-commorce with username,password from database

Answer 3

User-474980206 posted

its hard to imagine an e-commerce system that doesn't use session. though  for many (like amazon) its common to uses non-expiring sessions, although authorization expires. 

asp.net core session are just a token in a cookie. Core fixed the performance issues with the old session manager.

Answer 4

User-821857111 posted

Login to e-commorce with username,password from database

You should use ASP.NET Identity to manage authentication. 

Answer 5

User753101303 posted

Hi,

Things are not bad or good. You have to understand them. Always favor what comes out of the box. ASP..NET does have an extensive system to manage authentication/authorization/users out of the box.

To get back at session variables, I try to use them only for small, never changing, often used information I can reload on demand. This way the app is not sensitive to a missing session variable. It will just reload the value as needed (and it doesn't apply to knowing if a user is logged or not which is why you have this problem).