1

What would be the proper way to end (kill) cookies in my case:

  1. When user first connect to web site it connect him/her to Index.
  2. Then user put username and password.
  3. It connect to his account ("_Layout.cshtml" with header starts - header have navigation menu, to see some results).
  4. Now! If user close this tab or close browser without clicking on logout, happan this: When user connect again to website it redirect him/her to index (where is login form) with layout with header shown. So user can again navigate to his/her account by clicking on navigation menu - do not have to login again.

I whant to do, when user close his tab or browser, cookies ends (or is killed), so it logout user automaticaly.

So far I have only this in my login controller set is:

if(ModelState.IsValid)
...
FormsAuthentication.SetAuthCookie(user.Username, false);

For Logout I have this:

public ActionResult LogOut()
{
   FormsAuthentication.SignOut();
   return RedirectToAction("Index", "Home");
}

And in web confing I have set this:

<sessionState mode="InProc" customProvider="DefaultSessionProvider">
  <providers>
    <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
  </providers>
</sessionState>

:)

geekforfreek
  • 136
  • 1
  • 3
  • 15
  • 1
    For clearing session on tab closed follow-http://stackoverflow.com/questions/1921941/close-kill-the-session-when-the-browser-or-tab-is-closed, Also you can use-Session.Clear(); Session.Abandon(); Also check if confused what to use-http://stackoverflow.com/questions/347377/in-asp-net-when-should-i-use-session-clear-rather-than-session-abandon – Incredible May 29 '14 at 07:24
  • I think the OP wants the session ended when the user closes their browser. – Valamas May 29 '14 at 07:25
  • stop using the word session. the login isn't using a session. it uses cookies – user3036342 May 29 '14 at 07:25
  • Valamas - AUS correct, session must end when user close browser or tab with this web site – geekforfreek May 29 '14 at 07:26
  • user3036342 thanks for advice I will correct my question – geekforfreek May 29 '14 at 07:27
  • Please check my answer that links to an actual solution for you – user3036342 May 29 '14 at 07:30

2 Answers2

1

ASP.NET MVC is RESTful/stateless. Which means your idea of how a session works is incorrect (and understandable). you are using forms authentication, which uses cookies, not session state. What you work with there is cookies being set for the login.

Once you understand the concept, you can start coding a solution to the behaviour you'd like to implement.

Now that you know how it works/what to look for, the answer is here: How do I log a user out when they close their browser or tab in ASP.NET MVC?

Community
  • 1
  • 1
user3036342
  • 1,023
  • 7
  • 15
0

Since you have edited the question and now asking for Cookie, then also the way remains same, I perform this with these steps;

1) As soon a user closes the tab, prompt a popup, where you can ask for confirmation: For this follow this link: Prompt before tab close

2) In the confirmation, you can add the cookie clear logic. (I hope you know how to remove cookie, if you were adding cookie initially and were setting the timeperiod for them, then write the code of removing cookie as well).

Let me know if this helps you as it works in my application.

Community
  • 1
  • 1
Incredible
  • 3,495
  • 8
  • 49
  • 77
  • He doesn't use sessions. He uses FormsAuthentication.SetAuthCookie. Keyword there is "Cookie". He needs to implement a window.unload to get JavaScript to clear the auth cookie, set FormsAuthentication to not be persistent etc, all explained in the link that points to a SO answer – user3036342 May 29 '14 at 07:33
  • Ok, I have edited the answer, the way remains the same for cookie as well. – Incredible May 29 '14 at 07:41
  • the script seems to have some problem, what about this solution: http://stackoverflow.com/questions/5122404/how-do-you-clear-cookies-using-asp-net-mvc-3-and-c – geekforfreek May 29 '14 at 07:56
  • This link is showing how to clear cookie, but how will you catch the tab close event? For that you may need javascript, Please check what is the problem with the script, make sure you are not copy pasting, you need to modify after getting an idea. – Incredible May 29 '14 at 09:51