4

Anybody knows if Net Core has any way to get a list of logged in users through the ASP.NET Identity?

I know we can override our ApplicationUser and add some DateTime field like 'LastAction' or 'LastLogin' but I expected this to be solved nowadays without this kind of workarounds.

ibubi
  • 2,469
  • 3
  • 29
  • 50
daniherculano
  • 373
  • 1
  • 9
  • 26
  • 2
    What do you mean? That is not a workaround. There is no general solution to the problem you are describing. How do you quantify logged in? Any user with a valid authentication cookie can make a request to a protected endpoint. There is no such thing as "logged in" in a website. Web applications are stateless. Do you mean the number of authenticated users that made a request in the past x time period or so? Or do you mean the total number of authentication cookies that were issued in the past x time period? Number of logged in users are up to you to decide. – Avin Kavish May 29 '19 at 08:15
  • I mean, for instance, that if I have an expiration session time of 1 hour, it would be nice to know in a specific moment, which users are still with an active session because it didn't expire or they didn't logout – daniherculano May 29 '19 at 08:25
  • its duplicate of [this](https://stackoverflow.com/questions/6218401/how-to-count-sessions-in-asp-net-server-application) just add some if and you are there :) – Pavel B. May 29 '19 at 08:47
  • Possible duplicate of [How to count sessions in asp.net server application](https://stackoverflow.com/questions/6218401/how-to-count-sessions-in-asp-net-server-application) – Pavel B. May 29 '19 at 08:49
  • 6
    That answer is for asp net, 7 years ago not asp net core – Avin Kavish May 29 '19 at 09:19
  • Apart from incrementing a counter on login and decrementing it on login or expire, I can't think of any other way. You can use a distributed cache to maintain an atomic counter. Redis supports atomic operations, https://redis.io/commands/INCR – Avin Kavish May 29 '19 at 09:27
  • 1
    I think the only true answer to this is "however you want to".. Its a decision for you and how you code it – Robert Perry May 29 '19 at 09:50
  • If the session did not expire and they did not logout, but they close the web browser directly, will you think they are logged or not? You need to rethink your requirement to check whether it is reasonable. – Edward May 30 '19 at 06:02
  • I completely understand what you need to achieve and I also have a similar problem. Using .Net 6 now so hopefully someone can answer this with the current technology not from previous versions. – Manuel.B Apr 26 '22 at 05:12

0 Answers0