I use basic authentication for my website and there is an issue when the user is on a form that takes a while to fill out, their session may end and upon clicking "save" the work will disappear because their session is no longer valid.
I tried the following:
set the session timeout to 1 minute in web.config:
<system.web> <sessionState timeout="1"></sessionState>
added the following javascript to my page, which is supposed to extend the session every 30 seconds:
AlertTimeOut = 30000; // Milliseconds, Alert Message
WarnTimeOut = 30000; // Warn Message before 30 sec of session out
setTimeout("WarnUser();", WarnTimeOut);
//setTimeout("AlertUser();", AlertTimeOut);
function AlertUser() {
alert('Your session has been expired, please save your data outside the system [copy the data in word document].');
}
function WarnUser() {
var currentTime = new Date()
var hours = currentTime.getHours()
var minutes = currentTime.getMinutes()
if (minutes < 10) {
minutes = "0" + minutes
}
if (hours > 11) {
var tempTime = hours + ":" + minutes + "PM"
} else {
var tempTime = hours + ":" + minutes + "AM"
}
var ans = confirm("Your login session is about to expire in 5 minutes.Do you want to extend it? - Date: " + tempTime);
if (ans) {
var oImage = new Image;
oImage.src = "tempdummy.gif" + Math.random();
setTimeout("WarnUser();", WarnTimeOut);
}
else {
setTimeout("AlertUser();", AlertTimeOut);
}
}
here is a snippet of my main.aspx.cs page, after waiting for the javascript pop up to come up 2 times, i refresh the page, and yes, the session["userid"] is null. I debugged the javascript and it does hit every line of code like it should.
protected void Page_Load(object sender, EventArgs e)
{
if (Session["userid"] == null)
{
// the session is no longer valid, i guess the javascript didn't work :(
//redirect user to an error page
}
else
{
username = (string)Session["userid"];
// check user permission, and populate the form here
}
}
i found quiet a few example online that use similar code to:
var oImage = new Image;
oImage.src = "tempdummy.gif" + Math.random();
to extend session, but i guess i'm just not understanding how it works. is this an image i'm supposed to have somewhere eon my aspx page? how does it work? because it doesn't for me
---- || ---- || ---- || ---- || ---- || ---- || ---- ||
Update:
I also tried the following:
created a refresh_session.aspx page with only 1 line of code in it:
protected void Page_Load(object sender, EventArgs e)
{
Response.Write("success");
}
I then try to POST to that page to refresh the seesion (as per this article:http://naspinski.net/post/Automatically-refresh-your-users-Session-behind-the-scenes-using-jQuery-and-AspNet.aspx)
my updated javascript looks like:
AlertTimeOut = 30000; // Milliseconds, Alert Message
WarnTimeOut = 30000; // Warn Message before 30 sec of session out
setTimeout("WarnUser();", WarnTimeOut);
function TimedOut() {
$.post("refresh_session.aspx", null,
function (data) {
if (data == "success") {
setTimeout("TimedOut();", WarnTimeOut);
alert('refreshed');
}
else { alert('not refreshed'); }
}
);
}
function AlertUser() {
alert('Your session has been expired, please save your data outside the system [copy the data in word document].');
}
function WarnUser() {
var ans = confirm("Your login session is about to expire in 5 minutes.Do you want to extend it? ");
if (ans) {
var oImage = new Image;
oImage.src = "tempdummy.gif";
TimedOut() ;
setTimeout("WarnUser();", WarnTimeOut);
}
else {
setTimeout("AlertUser();", AlertTimeOut);
}
}
the breakpoint in frefresh_session is hit, but then when I refresh my page it is still NULL in my default.aspx :((((((