tags:

views:

2861

answers:

2
+6  Q: 

How should I integrate session state into an ASP.NET MVC application?

I'm looking for thoughts on how should I use Session in an ASP.NET MVC application? Especially when using masterpages and tryin to just get the data to the masterpage without bypassing the controller. This question started off by me asking a lot of little questions, but then I managed to mould it into a solution which as yet I have not implemented but one which is somewhat workable. Would appreciate any feedback.

My proposed solution aka 'what i am about to implement unless someone says stop!'

I have my model classes inheriting from ModelBase -- which contains the information needed by the masterpage (there is only one view per page) for certain things it displays in the masthead or footer as well as configuration driven settings based upon who is logged in.

My best solution is as follows - shown here for a 'products page':

Assumption: I have at some point already stuck certain data in session - for instance perhaps a partnerId which came in through a gateway page, or a currentLoggedInUserEmail property or a fully blown object.

I have a ModelBase class from which every model - such as ProductModel inherits

I have a MySiteControllerBase class (inherits from Controller) - which is subclassed by ProductController.

In my action method in ProductController I create the model for the product view with 'new ProductModel()'. This model class itself knows nothing about session or how to populate ModelBase. It essentially doesn't even know about ModelBase - it just inherits from it. My chained constructor does nothing (because I don't want to pass it Session).

I override View(...) in MySiteControllerBase for all the overloads that take a model parameter. I check to see if that parameter is of type ModelBase and if it is I populate the properties such as partnerid and currentLoggedInuserEmail. Fortunately because I'm inside a class that inherits from Controller I have direct access to Session so i can pull them straight out of there.

This method means that the properties on ModelBase are automatically populated just by me doing 'return View(model)'. However there is an obvious issue if the model for ProductModel needs to access anything defined on ModelBase. It's going to get null because it isn't populated yet.

This issue can be solved by passing in Session to new ProductModel(session) which would in turn pass it up the constructor chain to new ModelBase(session). I really dont like that solution though becasue I like to think of a model as a pretty dumb data structure that shouldn't know about any external data constructs at all. Another solution might be to just wing it, and if i ever find that ProductController needs to consume anything defined in ModelBase that I just create a method MySiteControllerBase.UpdateModelBase(productModel, session) to explicitly populate it inside ProductController. I hope thats clear!

Other questions that come to mind are :

  • What about unit testing? Is there any abstraction around Session state in MVC or should I build my own? I did a search in the sourcecode for 'session' and nothing came up!
  • How does session tracking work with /REST/FUL/URLS in MVC? Are there any issues ith cookies off that I need to know about?
  • Should I think of session differently from how I traditionally have?
+1  A: 

As for unit testing, you will need a fake HttpContext object (extend from HttpContextBase) and a fake session object (extend from SessionStateBase). Or you can do what we do, and use Phil Haacks HttpSimulator. Not a perfect solution, but there are so many tightly coupled objects that get wired together when you do anything with asp that you wont ever really find anything particularly elegant. We found we kept bumping into it so much that it was worth it to grab those classes and stick them in a helper library.

Cookies work by domain, so there isn't really any problems around that. You can always configure session to be in-proc as well and cookieless.

In general, be very sparse with what you keep in the session. But that goes for Webforms as well.

Matt Briggs  2009-01-29 04:28:24
A: 

Although there is nothing, in principle, wrong with using Session in ASP.NET MVC applications (well, at least nothing more wrong than using it in other ASP.NET applications...), I tend to feel it should be a last resort, when other things don't work.

Although your question is, generally, very well-written, you don't go into any great detail on what you propose to store in Session. The two examples I found in your question are:

  • Current user e-mail
  • partnerid

The user's e-mail address is already available from forms authentication, if you are using that, and can be added to other ASP.NET membership providers which don't already support it. It's not clear what partnerid actually is, but I'm skeptical that the Session is the only possible place to store it.

On the other hand, it's entirely possible that you need to store stuff you haven't told us about which would really only fit in the session.

So before you go too far down this road, make sure that other solutions are not already available for the data you need to store.

Craig Stuntz  2009-01-29 15:21:17
to be honest i don't fully know yet - i'm just trying to become an expert up front on MVC and figure everything out. our site will have a 'mini' shopping cart with an ultra cool AJAX interface which will then pass its state on to our 'less exciting' purchased shopping cart. so i need a 'cart'
Simon_Weaver  2009-01-29 20:30:19
my main goals are 1) make sure theres no good abstraction out there for session in MVC (to make it easier to test) that someone has written and 2) make sure I most efficiently use and deal with session within the MVC framework
Simon_Weaver  2009-01-29 20:55:08
@craig what kind of application are you creating that you dont need session for?
Simon_Weaver  2009-01-30 04:24:06
Right now I'm building a secure web application to do time entry for a variety of different tasks. The only "session" but I'm using is TempData. (ASP.NET MVC stores this in the session, temporarily.) To flip this question on its head, what sort of data can only be stored in the session?
Craig Stuntz  2009-01-30 14:21:39

related questions

What's the best way to implement field validation using ASP.NET MVC?
How do I handle page flow in MVC (particularly asp.net)
Entity diagrams in ASP.NET MVC
How do I get rid of Home in ASP.Net MVC?
Can I generate ASP.NET MVC routes from a Sitemap?
ASP.NET Model-view-controller (MVC) - where do I start from?
user controls and asp.net mvc
ASP.Net MVC route mapping
RSS Feeds in ASP.NET MVC
Open Source Licensing Options for ASP.NET MVC Application?
Does the OutputCacheFilter in the Microsoft MVC Preview 4 actually save on action invocations?
MVC Learning Resources
Validating posted form data in the ASP.NET MVC framework
Best mock framework that can do both WebForms and MVC?
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How do you get a custom id to render using HtmlHelper in MVC
MVC Preview 4 - No route in the route table matches the supplied values.
Is there a way to include a fragment identifier when using Asp.Net MVC ActionLink, RedirectToAction, etc. ?
In ASP.NET MVC I encounter an incorrect type error when rendering a user control with the correct typed object
ASP.NET MVC - Is it worth it yet?
Multiple languages in an ASP.NET MVC application?
Is it better to create Model classes, or just stick with generic database utility class?
ASP.NET MVC Without Visual Studio
ASP.NET MVC "CRUD" Database Sample
How to RedirectToAction in ASP.NET MVC without losing request data