I want to show a message when session end or redirect to a login page on .net web application.
I tried to use Session_End global.asax event but when this event fired, context is closed so I can't redirect to any page.
I tried too to send refresh meta tag but it refresh page even if the user is navigating on page, I mean, the refresh tag is never updating.
There is a method to do this? Can you help me please.
Thanks in advance.
You need JS to poll the server periodically (e.g. every minute using setTimeout) to ask am I still logged in?. If it gets false as a response, your JS can do whatever you'd like (show a message, redirect to the login page etc).
The server side implementation will be something like
[HttpGet]
[AllowAnonymous]
[DoNotExtendAuthentication]
public ActionResult IsAuthenticated(string url)
{
var isAuthenticated = HttpContext?.User?.Identity?.IsAuthenticated ?? false;
return Json(isAuthenticated); // change this line to whatever shape of JSON you want
}
public class DoNotExtendAuthenticationAttribute : ActionFilterAttribute
{
public override void OnResultExecuted(ResultExecutedContext filterContext)
{
filterContext.HttpContext.Response.Cookies.Remove(
FormsAuthentication.FormsCookieName);
}
}
DoNotExtendAuthenticationAttribute is needed to effectively disable forms auth's sliding expiration logic.
For your routing, be sure to use the SessionlessHandler so that it doesn't continually extend the Session.
Can you try to add Timer event with ScriptManager and with timer tick event you can check your status. if session has value then continue if not give them message or what ever you want.
