1

I'm not sure I'm handling this the right way, but since I'm running into issues, I assume I'm not.

I have to have a corporation id sent in when loading the login screen.

Looks like this:

public ActionResult LogOn(string id)
{
  var sb = new StringBuilder();
  sb.AppendLine(string.Format("CorpID: {0}", id));

  if(ViewBag.CorpID != null)
    sb.AppendLine(string.Format("ViewBag.CorpID: {0}", ViewBag.CorpID));

  Guid corpIdGuid;
  if (!Guid.TryParse(id, out corpIdGuid) && string.IsNullOrEmpty(ViewBag.CorpID))
    return null;

  // the id passed in will take presidence over the 
  // viewbag unless it is blank then we use viewbag
  // one way or the other viewbag.corpid should not
  // be blank
  if(!string.IsNullOrEmpty(id))
    ViewBag.CorpID = id;

  // Session["CorpId"] = id;
  //Not a junk guid.. continue.
  return View();
}

I need this to establish what company we will be working with during this session.

The problem I am running into, is when the cookie timeout occurs, which is set to 10 minutes, it directs them back to this login and I have no corpid anymore.

I tried the viewbag and it's being reset.

I tried a cookie, but since it expires, the data is no longer there.

I tried a Profile Manager but since they are logged it, that puts me back to nothing.

How do I maintain this CorpId when the user has timed out and put back on the login screen? I need this information for each screen I have also.

Any input would be greatly appreciated!

tereško
  • 58,060
  • 25
  • 98
  • 150
ErocM
  • 4,505
  • 24
  • 94
  • 161
  • I do not have any asp.net code in my application, please stop editing my tags and adding it. – ErocM Sep 10 '12 at 19:48
  • and where did the [`ActionResult`](http://msdn.microsoft.com/en-us/library/system.web.mvc.actionresult(v=vs.108).aspx) come from? Because you question is clearly unrelated to MVC design pattern. – tereško Sep 12 '12 at 12:25

1 Answers1

2

You need to create a separate cookie that identifies the Corporate ID that doesn't expire with user's session. Session["CorpId"] will expire with the user session and won't work.

var corpCookie = new HttpCookie("CorpID", id);
corpCookie.Expires = DateTime.Now.AddDays(30.0);
HttpContext.Current.Response.Cookies.Set(corpCookie);

Each time the user logs in, you could update the expiry to make it a sliding expiration. To retrieve the cookie value, use the following:

var corpID = HttpContext.Current.Request.Cookies.Get("CorpID").Value;
SliverNinja - MSFT
  • 31,051
  • 11
  • 110
  • 173
  • 1
    You can use [`System.Web.HttpContext.Current`](http://msdn.microsoft.com/en-us/library/system.web.httpcontext.current.aspx) or [`Controller.HttpContext`](http://msdn.microsoft.com/en-us/library/system.web.mvc.controller.httpcontext%28v=vs.98%29.aspx) - it's up to you. – SliverNinja - MSFT Sep 10 '12 at 15:57
  • 2
    Actually, if you don't specify an Expires, the the cookie is considered "non-persistent", so it will live for as long as the browser window is not closed (even if the session expires). This may be better than creating a persistent cookie. – Erik Funkenbusch Sep 10 '12 at 16:29
  • @MystereMan I'm glad I checked back on this post. That's exactly what I want. Thanks! – ErocM Sep 10 '12 at 17:30