4

i have an asp.net mvc4 application, in which i have this class:

public class Internaute {
  public int Id { get; set; }
  public string Name { get; set; }
  public string Login { get; set; }
  public string Password { get; set; }
}

then, when a user connect, i get its informations by storing it in a session variable like this:

Session["user"] = myInternaute;

And i used these informations ,for example, like this:

@{
  Internaute myInternaute = (Internaute)Session["user"];
  string login = myInternaute.Login;
  string pwd = myInternaute.Password;
}

I test the autorization of the user to acces by

Internaute myInternaute = (Internaute)Session["user"];
   if(myInternaute == null) return RedirectToAction("Index");

So i have these questions:

  1. Is it a good way to proceed by a session variable?
  2. Is there another idea to do this, because the session were lost.
  3. Does this idea have some advantages?

Thanks,

Improve this question

1 Answer 1

Reset to default
3

Is it a good way to proceed by a session variable?

Yes your code looks good except you should check for null whenever you get the value from Session to make sure its not null. Also, do you really need Password stored in session? Its not a good idea to store it as string in Session.

Is there another idea to do this, because the session were lost.

If I understand your question correctly, yes your session data will be lost on Session timeout. If you want you can increase the session timeout in the web.config file.

Does this idea have some advantages?

You will have some basic data about the user readily available in Session instead of querying the database but you should make sure that the Internaute class remains lightweight.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thank you, sorry i don't understand what do you mean by this sentence "make sure that the Internaute class remains lightweight" ?
I mean don't add lot of properties to it. Just keep what you need frequently throughout the application. All the other fields you can get it from DB when needed.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.