Question
I am building a web application using .net MVC 4.
I have ajax form to edit data.
If the user is idle for 15 mins it will expire the session of the user. When that happens if user click edit button it loads the login page inside the partial content hence now the current session expires.
Edit Link - cshtml code
https://stackoverflow.com/questions/22553871
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian@Ajax.ActionLink("Edit", MVC.Admin.Material.ActionNames.TagEditorPanel, MVC.Admin.Material.Name, new { isView = "false", id = Model.ID.ToString() }, new AjaxOptions { HttpMethod = "GET", UpdateTargetId = "materialTagBox", InsertionMode = InsertionMode.Replace }, new { @class = "editlinks" })
Controller/Action Code
[Authorize]
public virtual ActionResult TagEditorPanel(bool isView, int id)
{
//do something
return PartialView(MVC.Admin.Material.Views._tag, response);
}
Web.config
<authentication mode="Forms">
<forms loginUrl="~/Account/Login" timeout="2880" />
</authentication>
I understand why it is happening. I don't know how to resolve it. I want to prevent it and I want to redirect user to login page directly. How can I achieve this?
Thanks inadvance..!!!
Solution
Maybe a hacky answer, but you can change the redirect location in forms authentication to a page that sets the window location to the login page with javascript.
Web Config
<authentication mode="Forms">
<forms loginUrl="~/Account/RedirectToLogin" timeout="2880" />
</authentication>
Account Controller
public ActionResult RedirectToLogin()
{
return PartialView("_RedirectToLogin");
}
_RedirectToLogin View
<script>
window.location = '@Url.Action("Login", "Account")';
</script>
OTHER TIPS
The issue is your call is intercepted by [Authorize] and sends the login page even before your action method code is called. One way to sort this out is to create a custom action filter to check the timeout and do a hard redirect to login page. Following post has a good write up which may help you in creating and registering the filter
http://www.codeblockdrive.com/2012/12/mvc-custom-filters-session-timeout.html
Best of luck
You may want to check the answer to this (similar) question.
ASP.NET MVC Partial view ajax post?
Basically it says that you should avoid making ajax calls to functions that may redirect because of this and other problems.
You can avoid the problem that you are having by authorizing / checking the expiration manually in your function, and then returning redirect information that can be applied to the whole page.
I have used this approach, and it works well.
Inspired by kramwens answer, one could avoid making an extra RedirectToLogin view (and controller action) and just put the following in you original Login view:
<script>
if (window.location != '@string.Format("{0}://{1}{2}",Request.Url.Scheme, Request.Url.Authority,Url.Content("~/Account/Login"))')
window.location = '@Url.Action("Login", "Account")';
</script>
This tests the current window.location and if it is not as expected, it sets it as expected. I know, my js is a bit hacky and crappy, but it does the work :)
I Have simple way find for partial view session expired.
Simple One Action created then this view java script windows.load() call then url will be pass to this login page.
//in Controller one Action Created.
<script type="text/javascript">
window.location = '@Url.Action("Login", "LogIn")';
</script>Public ActionResult SessionExpire()
{
return View();
}
//Redirect to login from partail view after session is null:
return Redirect("~/OrderPlace/Sessionview");
My solution is to use some c# code whenever possible. I can get the controller and view name, check to see of they are what they should be, and if not redirect to the proper.
var controllerName = ViewContext.RouteData.GetRequiredString("controller");
var actionName = ViewContext.RouteData.GetRequiredString("action");
I then use the following to go to the proper URL:
if (controllerName != "members" && actionName != "logon")
{
@{ Response.Redirect("~/Members/Logon");}
}
