I have the following issue:
In my web.config I have the following authorization setup:
<authentication mode="Forms">
<forms loginUrl="~/LogIn" timeout="2880" name=".ASPXFORMSAUTH" defaultUrl="~/Dashboard/Dashboard.aspx"/>
</authentication>
The code I inherited from previous development stores a user object into Session after logging in. I am planning on continuing to use this logic for now.
Now, a user navigates to the page. Cookie is created as they log in, and user info stored into Session. The user now closes the page's tab, but keeps the browser open. The user waits x amount of time causing Session to expire, but not the cookie. The user now attemps to navigate directly to the page they were at previous. Forms authentication thinks they are logged in, but they are not. As such, my logged in user is null.
I am attempting to do this:
protected void Page_Init(object sender, EventArgs e)
{
if (object.Equals(DashboardSessionRepository.Instance.LoggedInUser, null))
{
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
}
else
{
//Continue with page init
}
}
Unfortunately, this does not cause the current page to cancel its lifecycle.
I am wondering a few things:
Thanks
Unfortunately, this does not cause the current page to cancel its lifecycle.
If you wish to stop the life cycle just place the End that after the RedirectToLoginPage... as
if (object.Equals(DashboardSessionRepository.Instance.LoggedInUser, null))
{
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
Response.End();
return;
}
else