'ASP.NET Core Session Timeout

I remember we have used session.timeout in ASP.NET to change the session timeout which was 20 minutes if not changed.

I tried to change the session time out in ASP.NET Core 3.1 in Startup.cs but nothing happens. I use Identity for operators and set the Idle Timeout for 5 hours 'I Think' but operators sign out after 1-2 minutes and should re-login hundreds of times for completing an article.

services.AddSession(options =>
{
    options.IdleTimeout = TimeSpan.FromHours(5);
    options.Cookie.HttpOnly = true;
    options.Cookie.IsEssential = true;
});

What am I missing ??

asp.netasp.net-coresessionasp.net-identitysession-cookies


Solution 1:[1]

For using session state in an ASP.NET Core you need to add the session middleware to your pipeline.

important: The order of middleware is the key. Call UseSession between UseRouting and UseEndpoints.

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    app.UseSession();
}

More info : MSDN

Solution 2:[2]

As you said you are using identity then use the following code in your startup.cs class after services.AddIdentity().

public void ConfigureServices(IServiceCollection services)
    {
        ...

        services.AddAuthentication().AddCookie(o =>
        {
            o.ExpireTimeSpan = TimeSpan.FromHours(5);
        });
    }

Solution 3:[3]

public void ConfigureServices(IServiceCollection services)
{
        services.AddDistributedMemoryCache();

        services.AddSession(options =>
        {
            options.IdleTimeout = TimeSpan.FromSeconds(10);
            options.Cookie.HttpOnly = true;
            options.Cookie.IsEssential = true;
        });
}

The preceding code sets a short timeout to simplify testing.

The order of middleware is important. Call UseSession after UseRouting and before UseEndpoints. See Middleware Ordering.

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
    app.UseSession();
}

HttpContext.Session is available after session state is configured.

HttpContext.Session can't be accessed before UseSession has been called.

A new session with a new session cookie can't be created after the app has begun writing to the response stream. The exception is recorded in the web server log and not displayed in the browser.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 XAMT
Solution 2 Zubair Rana
Solution 3 dbc

Related Questions

Passing data from database containing new line breaks jquery

Creating .ICS files, adding to outlook

ASP.NET: HTTP Error 500.19 – Internal Server Error 0x8007000d

The configuration section cannot contain a CDATA or text element

Attempting to make enter button 'clickable'

automapper map interface to interface or object

How to show or hide contents of an aspx page based on current user's roles

The server response was: 5.7.0 Must issue a STARTTLS command first. i16sm1806350pag.18 - gsmtp

IIS 8.0 Detailed 500.0 Internal Server Error - IsapiModule Not Found

EntityDataSource - how to do WHERE Clause from different table

No authentication handler is registered for the scheme 'Cookies'. The registered schemes are: Application, Bearer, ASOS

How to use jquery in ASP.​NET Core

Create HTML table from a list

How to change Text of button in FileUpload control and set value to textbox

How to add project reference to ASP.NET Core 1.0 MVC project