2

I am currently developing an API in .Net Core 2.1 with a client application in Vue 2 with Nuxt, and I have problems saving an object in session in ASP .Net. I have reviewed this and other links before asking this question, but nothing has been able to help me. It turns out that I've tried it with Postman and if it works, but I do not understand why it does not work with my application.

This is my Startup.cs

public class Startup
    {
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

public IConfiguration Configuration { get; }

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        options.CheckConsentNeeded = context => false;
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });
// Add Database
// End Add Database
    services.AddCors(options => 
{
    options.AddPolicy("AllowSpecificOrigin", builder =>
    builder.AllowAnyHeader()
           .AllowAnyMethod()
           .AllowAnyOrigin()
));
});
 services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
    .AddDistributedMemoryCache();

    services.AddSession(options =>
    {
        options.IdleTimeout = TimeSpan.FromMinutes(1440);
        options.Cookie.HttpOnly = true;
        options.Cookie.IsEssential = true;
    });
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }
    else
    {
        app.UseHsts();
    }

    app.UseCookiePolicy();
    app.UseCors("AllowSpecificOrigin");
    app.UseSession();
    app.UseMvc();
}
}

In my controller:

[Route("api/customer/[controller]")]
[ApiController]
public class ClientController : ControllerBase { ...

... Get and set Session Var

var model = HttpContext.Session.GetString("User")

And other controller

HttpContext.Session.SetString("User", "Hello World")

HttpContext changes id every time I make a request for ajax, but postman does not change the Id and that's why I can recover the cookie.

HenryGuillen17
  • 370
  • 1
  • 3
  • 13
  • I guess there is something wrong here `services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1); .AddDistributedMemoryCache();` Change to `services.AddDistributedMemoryCache(); services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);` – Gopesh Sharma Oct 30 '18 at 06:41
  • Thanks, but it does not work for me. I do not understand why Postman works, but not on my website. Something has to do with the Cors? – HenryGuillen17 Oct 30 '18 at 13:19

1 Answers1

4

You likely need to set the withCredentials flag when making your AJAX request. That shouldn't be required for same-site requests, but you mentioned CORS and didn't specify that it was same-site. With jQuery, that just means adding it to xhrFields in your your AJAX options object:

$.ajax({
    ...
    xhrFields: {
        withCredentials: true
    }
});

Other libraries may have a different methodology, but all should have some way of setting this flag on the XMLHttpRequest object.

Chris Pratt
  • 232,153
  • 36
  • 385
  • 444
  • OHHHH Thanks, Thank you very much, you have put an end to several days of suffering. For further references, I will leave the correct answer: nuxt.config.js: `/* ** Modules Config */ axios: { credentials: true },` In my Cors `services.AddCors(opt => { opt.AddPolicy("AllowSpecificOrigin", builder => builder.WithOrigins("http://localhost:3000") .AllowAnyMethod() .AllowAnyHeader() .AllowCredentials() ); })` – HenryGuillen17 Oct 30 '18 at 21:00
  • Is there any way to parameterize this URL of my application externally? `http://localhost:3000` – HenryGuillen17 Oct 30 '18 at 21:02