Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Session Cookie never set in asp.net core

I am trying to configure sessions for an asp.net core 2.0 website, but the session cookie is never set.

I call ..

app.UseSession();

...in Startup.Configure and ...

        services.AddDistributedMemoryCache();

        services.AddSession(options =>
        {
            options.IdleTimeout = TimeSpan.FromMinutes(10);
            options.Cookie.HttpOnly = false;
            options.Cookie.Name = "WS_AUTH_ID";
        });

... in the ConfigureServices method.

In the Controller I can acess ...

HttpContext.Session.Id;

... but the id is always different for every request.

Am I missing something?

Update: I should metion that I can set cookies "manually" and the browser will "receive" them.

HttpContext.Response.Cookies.Append("Test_cookie", "yo");
like image 756
Preli Avatar asked Mar 14 '18 11:03

Preli


People also ask

Is session cookie necessary?

Session cookies are essential for a website's functionalities or for it to deliver a service that it intends to. They are also exempt from consent requirements under privacy regulations like the GDPR.

Does session depend on cookies?

Sessions are cookies dependent, whereas Cookies are not dependent on Session. The session ends when the user closes the browser or logout from the application, whereas Cookies expire at the set time. A session can store as much data as a user want, whereas Cookies have a limited size of 4KB.

Can we use session in .NET Core?

ASP.NET Core maintains session state by providing a cookie to the client that contains a session ID. The cookie session ID: Is sent to the app with each request. Is used by the app to fetch the session data.

Is session independent of cookies by default?

By default, SessionID values are stored in a cookie. However, you can also configure the application to store the SessionID value in the URL for a "cookieless" session.


1 Answers

If you have the cookie policy turned ON the session cookiewon't be created until the user accepts the use of Cookies, this is to comply with the EU's GDPR.

You can remove the line app.UseCookiePolicy(); from you Startup and then it will work, otherwise your users will need to agree to the use of cookies before you can use the cookie for session control.

like image 196
Rui Lima Avatar answered Sep 17 '22 13:09

Rui Lima