Get Session from HttpActionContext

Question

I'm trying to create a permission attribute to configure in each action of my controllers so this custom attribute should take the sessionId from the user. My code is like that:

public class PermissionChecker: ActionFilterAttribute
{
    private int _permissionId { get; set; }
    private IUserSelectorService _userService { get; set; }

    public PermissionChecker(int permissionId)
    {
        _permissionId = permissionId;
        _userService = new UserSelectorService();
    }

    public PermissionChecker(int permissionId, IUserSelectorService userService)
    {
        _permissionId = permissionId;
        _userService = userService;
    }

    public override void OnActionExecuting(HttpActionContext actionContext)
    {
        if (_userService.HasPermission(_permissionId, /* here I must pass the session["Id"]*/)){
             base.OnActionExecuting(actionContext);
             return;
        }
        throw new HttpException(401, "Unauthorized");
    }
}

Mihai · Accepted Answer · 2012-11-20T11:43:50.977

10

Use this

public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if(filterContext.HttpContext.Session != null)
    {
      var id = filterContext.HttpContext.Session["Id"];          
    }
}

EDIT Given the fact that you're using MVC 4 and you don't have

public override void OnActionExecuting(ActionExecutingContext filterContext)

Try using

System.Web.HttpContext.Current.Session

edited Nov 20 '12 at 11:43

answered Nov 20 '12 at 11:31

Mihai

2,740
31
45

I'm using MVC4 so there is no override with ActionExecutingContext – MuriloKunze Nov 20 '12 at 11:35
Ok. I assume that actionContext doesn't have a property HttpContext which would allow you to access the Session – Mihai Nov 20 '12 at 11:38
Try using System.Web.HttpContext.Current.Session – Mihai Nov 20 '12 at 11:43
Ok. Have a go at it. Remember to mark as "answered" if it helped :) – Mihai Nov 20 '12 at 12:05
3

I was using ActionFilterAttribute of System.Web.Http.Filters and not of System.Web.Mvc, because of this HttpActionContext was used. Thank. – MuriloKunze Nov 20 '12 at 12:36
Can somebody please help with my question related to this? [http://stackoverflow.com/questions/33504355/actionexecutingcontext-httpcontext-session-is-null] – Jap Evans Nov 03 '15 at 19:11

score 0 · Answer 2 · answered Dec 10 '17 at 12:27

if you are trying to access using ActionFilterAttribute then OnActionExecting event it wont give the accessibility of HttpContext with System.Web.Http.

Instead of that If you are trying to access using System.Web.Mvc it will provide you the current session with onActionExecting event with help of ActionExecutingContext class.

Get Session from HttpActionContext

2 Answers2