CODEWITHSUNDEEP
asp.net
Alex
Alex

Reputation: 3855

Detect session timeout after Response.Redirect?

I am implementing the log-in/log-out functionality on a website. Whenever the user clicks on Sign out button (anywhere but at the login page, Login.aspx), the following method will execute:

protected void SignOut(object sender, EventArgs e)
{
    Session.Abandon();
    Response.Redirect("Login.aspx");
}

Now, when the redirect happens, I want to do the following in Login.aspx:

protected void Page_Init(object sender, EventArgs e)
{
    if ( Session_has_timed_out ... )
        SessionTimeOutDIV.Text = "Session timed out. Please log in again.";
    else
    {
        // normal logic here ...
    }
}

Q: How do I check that the session was previously terminated, given that I need to check this (1) after the actual call to Session.Abandon() and (2) after I am redirected from where the call to Session.Abandon() had happened?

Upvotes: 0

Views: 172

Answers (1)

Ravi A.
Ravi A.

Reputation: 2213

Yes that's why for authentication it is recommended to rely on cookie and use formsAuth or now ASP.Net Identity. If it was MVC we have TempData but for webforms I don't think there is any such thing. So you can use other state management techniques like query string

Response.Redirect("Login.aspx?Logout=true");

In page_init of Login.aspx 

    if (Request.QueryString["LogOut"] != null && Request.QueryString["LogOut"] == "true") //do handle exception and casting
    {
        //SessionTimeOutDIV.Text = "Session timed out. Please log in again.";
    }
    else
    {
        // normal logic here ...
    }

This is only a hack, hope this helps.

Upvotes: 1

Related Questions