FormsAuthentication Timeout - Check in JavaScript or JQuery

Question

I am creating a Forms Authentication in MVC using

`FormsAuthentication.SetAuthCookie(userName, model.RememberMe);`

And in Controller we use [Authorized] attribute to make sure user session is valid and has not expired. It works well when user move from one page to another. And if Cookie is expired then Login page is shown again.

Problem is with the one Page (Dashboard) which makes Ajax calls to server (Controller) to refresh some items on the screen every minutes.

As per company policy we can’t have session more than 30 minutes. So if this page remain open for 30 minutes and session expire we would like to redirect to Login page. Currently if session expires this page still remain as it is but stop getting refreshed and then user complains they can’t view data. Of course they can see it again once they refresh the page but is there any way using which I can find using JQuery or Java Script that FormsAuthentication cookie has expired

Answer 1

Of course they can see it again once they refresh the page but is there any way using which I can find using JQuery or Java Script that FormsAuthentication cookie has expired

Yes you can. Phil Haack wrote a very nice blog post explaining how you could prevent the Forms Authentication module from simply redirecting to the login page but instead return a 401 status code which your client AJAX call might catch and use window.location.href to manually redirect to the login page.

http://haacked.com/archive/2011/10/04/prevent-forms-authentication-login-page-redirect-when-you-donrsquot-want.aspx/

He also wrote a NuGet called AspNetHaack which you could use and if you are interested browse the source code here: https://github.com/Haacked/CodeHaacks/tree/master/src/AspNetHaack