Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

storing user ID in session

Tags:

asp.net

When the user logs in, I want to store his userID in the session with

HttpContext.Current.Session["UserID"] = 2354; (this is just a hard-coded example)

Then, when I run a page method, if I do

var test = HttpContext.Current.Session["UserID"];

will the variable test hold the value I stored when he logged in?

If this is a correct way of doing it, how do I access the session when I receive a call from a page method? I want to put the test =... line in a page method to identify which user the request is coming from.

Thanks.

like image 712
frenchie Avatar asked Feb 15 '11 21:02

frenchie

People also ask

Is it safe to store user ID in session?

The actual information for this session is stored on the server. So this is secure. The user can never change the value that has been stored on the server. The user cannot change his id if you stored this inside the session.

How does Python store username in session?

Once you query user from DB, you need to store user id in session session['user_id'] = user.id . Then when you need to access the user info, you retrieve user_id back from the session user_id = session['user_id'] and query the user back from DB, and use the model instance as you like.

Is session shared between users?

No, it is not shared.

What is session User_id?

$_SESSION are super global variables which store values in SESSION and can be accessed like arrays. So user_id is just an index of a value in Session not a reserved keyword.

1 Answers

As has been already answered, yes - it should be fine, though if you sit on a page too long before calling a service using this method [WebMethod] it will fail. Best practice in that case is to check for the session and rebuild as necessary. The same is true for any other authentication to ensure that they haven't become unsyncronized or expired.

[WebMethod(EnableSession = true)]

    HttpContext context = HttpContext.Current;
    if (context.Session["UserID"] == null) {
      Utilites.PopulateSessionVars(context.Request.ClientCertificate, context.Request.ServerVariables["REMOTE_ADDR"]);
    }
    String userId = context.Session["UserID"].ToString();

(where Utilities.PopulateSessionVars is a method to rebuild the session data off of whatever you're using to log in ... which in my case is a PKI certificate)

like image 55
iivel Avatar answered Nov 15 '22 16:11

iivel
Sign in to Comment

Related questions

How to create a setup for a web application with Web Platform Installer
Custom web.config sections (ASP.NET)
Why do I get System.IO.FileLoadException: Could not load file or assembly, about once a week on my ASP.Net Website?
ASP.net server event handled client-side
Is it possible to implement new standards such as HTML5 in ASP.NET Webforms?
ASP.NET ApplicationId
ASP.Net load balancing
New-Cache parameters for AppFabric Cache when storing ASP.NET Session State
ASP.NET Profiles versioning?
Oracle padding exploit - how does it download the web.config?
nHibernate, an n-Tier solution + request for advice
Jquery to sort gridview columns at client side [closed]
ASP.NET MVC Int Array parameter with empty array defaults to {0}
OData and case sensitivity
ASP.NET Auto Complete DropDownList
msdeploy --- does it work or does it suck?
How to decode XML response from jQuery $.ajax request in Firefox
Is The 70-515 MCTS Training Kit Wrong on a ASP.NET Health Monitoring question?
Sharing session between two ASP.NET applications, where one is nested within the other
How to get the asp:CheckBox out of the ViewState? (__ControlsRequirePostBackKey__)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!