开发者

Can I store session variables for each user in Global.asax file?

开发者 https://www.devze.com 2023-03-31 19:56 出处:网络
I have an asp.net c# application. I\'m using web forms authentication. I would like as soon as user logged or register at website to write his 开发者_开发百科information in Session, like:

I have an asp.net c# application. I'm using web forms authentication. I would like as soon as user logged or register at website to write his 开发者_开发百科information in Session, like:

  • UserId, Email, Name, phone, address etc

I'm using also openid authentication.

As I see it the session can saved from master page, or Global.asax file. In my case I have 3 different master pages and I would like to save and remove user session variables from one place.

Also it has to be secure. Anyway at what point in application life cycle better to store session variables unique for each user? Best practices


I will suggest something different:

Inherit all your pages from a BasePage. In that BasePage create a User Property, something like this:

 public class BasePage : System.Web.UI.Page
 {
    public WebUser CurrentUser
    {
        get 
        {
            WebUser currentUser = HttpContext.Current.Session["WHATEVERKEY"] as WebUser;

            if (currentUser == null)
            {
               currentUser = new WebUser();//and do some processing
               HttpContext.Current.Session["WHATEVERKEY"] = currentUser;
            }
            return currentUser;
        }
        set 
        { 
            HttpContext.Current.Session["WHATEVERKEY"]=value;
        }
    }
 }

Once the user is authenticated you can simply store your user information by doing:

this.Page.CurrentUser = userAuthenticated;

And you can access this CurrentUser in all your pages in your application.

The WebUser class can look like this:

[Serializable]
public class WebUser
{

   public string Name {get;set;}
   public string Email {get;set;}
   // and so on... 
}


Unless there is another way to access the Session instance other than through HttpContext.Current from within the global.asax, then this won't work - since you can't access the current context from the scope of this code. (You can access it directly since HttpApplication exposes a Session, but there are some caveats in this area.)

You could, however, define a fourth master page to act as the root and execute the generic code which utilises the session, then have each derive from this one.


You can use the Application_BeginRequest method in the Global.asax file.

In that method, you can access "this.Session" and do whatever you'd like.


You can do it from werether you want I'd suggest you the following :

public class User{

int UserID;
string Email;
string Name;
string Phone;
string Address
}

public static class SessionData{
 static User User{
get{
return (User)HttpContext.Current.Session["user"];
}
set{
HttpContext.Current.Session["user"] = value;
}
 static bool  IsUserConnected{
get{
return HttpContext.Current.Session["user"]  != null;
}
}

So if you want the current User's id you do SessionData.User.UserID.

PS : i'm sorrry for the static class ^^


I think I would override the Page class and add the session management code there, then make each of the master pages inherit the custom class instead of Page.

0

精彩评论

暂无评论...
验证码 换一张
取 消