I have built a shopping cart that uses Session State to keep the shopping cart data while the user is browsing the store.
I have an issue where if I leave the browser window open for a long time on step1 of the shopping cart, then press "go to step 2", my actions throw an error because the step2 action assumes the session hasn't expired and the ShopCart object is in the correct state.
I would like this scenario to be nicer for my users, but I think i need to somehow detect if the session has expired so that on next request I can throw them to Step1.
Is this possible in ASP.NET (and MVC)?
Thanks!
CV
UPDATE:
I found the following blog post that claims to to solve the problem (this is similar to the first answer), but it doesn't work for me.
The IsNewSession condition is true but the condition
if ((null != sessionCookie) && (sessionCookie.IndexOf("ASP.NET_SessionId") >= 0)) {
// handle expired session
}
always returns false and it never handles the invalid session. I'm confused.
UPDATE 2:
Silly me, needed to restart the web server so that all the cookies sessions were invalidated.
This appears to work for me--
public class SessionExpireFilterAttribute : ActionFilterAttribute {
public override void OnActionExecuting(ActionExecutingContext filterContext) {
HttpContextBase ctx = filterContext.HttpContext;
// check if session is supported
if (ctx.Session != null) {
// check if a new session id was generated
if (ctx.Session.IsNewSession) {
// If it says it is a new session, but an existing cookie exists, then it must
// have timed out
string sessionCookie = ctx.Request.Headers["Cookie"];
if ((null != sessionCookie) && (sessionCookie.IndexOf("ASP.NET_SessionId") >= 0)) {
filterContext.Result = OnSessionExpiryRedirectResult(filterContext);
}
}
}
base.OnActionExecuting(filterContext);
}
public virtual ActionResult OnSessionExpiryRedirectResult(ActionExecutingContext filterContext)
{
return new RedirectToRouteResult(MVC.Account.LogOn().GetRouteValueDictionary());
}
}