total rewrite of app state #2489
Conversation
|
@Tratcher Can you take a look at this one? |
|
|
||
| >[!WARNING] | ||
| > This page documents version 1.0.0-rc1 and has not yet been updated for version 1.0.0 | ||
| When does session clear the backing store? When the session expires? After you close the browser and the session cookie is deleted - what happens to your session data? |
There was a problem hiding this comment.
Data is deleted from the backing store either when you call Session.Clear() or when the session expires in the data store. The server does not know when the browser is closed or the cookie is deleted.
|
|
||
| By [Steve Smith](http://ardalis.com) | ||
| `IdleTimeout` is independent of the cookie's expiration. | ||
| Is there a way to set the session ID cookie timeout? What happens to the session cookie after the session is expired? |
There was a problem hiding this comment.
Session cookies by definition have no specified timeout, the are deleted when the browser session ends.
If a cookie is received for an expired session then a new session is created using the same cookie.
|
|
||
| ## Application State Options | ||
| HTTP is a stateless protocol; the Web server treats each HTTP request as an independent request. The server retains no knowledge of variable values that were used in previous requests. This article discusses various approaches to preserving application and user (session) state between requests. Although preserving state is often derided, judicious use of state can reduce app complexity and increase performance. |
There was a problem hiding this comment.
derided? by REST folks, yes. Don't mention it unless you're going to include the arguments against state.
|
|
||
| ### Cookies | ||
| The in-memory session provider stores session data on the server, which can impact scale out. If you run your web app on a server farm, you’ll need to enable sticky sessions to tie each session to a specific server. Windows Azure Web Sites defaults to sticky sessions (Application Request Routing or ARR). Sticky session can impact scalability and complicate updating your web app. |
There was a problem hiding this comment.
You can also store sessions in Redis or SQL which should be recommended before sticky sessions.
|
|
||
| ### Cache | ||
| ### Cookie-based TempData provider (requires ASP.NET Core 1.1.0 and higher) |
There was a problem hiding this comment.
You said above that TempData is built on Session, but then show how to turn on cookie-based tempdata. Needs clarification.
| #region snippet1 | ||
| public class HomeController : Controller | ||
| { | ||
| const string SessionKeyName = "_SessionKeyName"; |
There was a problem hiding this comment.
Putting SessionKey in the key value seems redundant.
There was a problem hiding this comment.
Removed, but I did find it reassuring when I examined the value in the debugger :)
| #region snippet2 | ||
| public IActionResult SetDate() | ||
| { | ||
| HttpContext.Session.Set<DateTime>(SessionKeyDate, DateTime.Now); |
There was a problem hiding this comment.
Note that this requires your extra Set extension
There was a problem hiding this comment.
Everyone requires that extension method. Why is it not in the framework?
There was a problem hiding this comment.
There are lots of different ways to serialize data, we didn't want to be tied to a specific serializer. Something like this would make a good Asp.Net Contrib package though.
| services.AddSession(options => | ||
| { | ||
| options.CookieName = ".AdventureWorks.Session"; | ||
| options.CookieHttpOnly = true; |
There was a problem hiding this comment.
This is the default, why set it?
| @@ -0,0 +1,45 @@ | |||
| { | |||
| "dependencies": { | |||
| "Microsoft.AspNetCore.Mvc": "1.0.1", | |||
| }, | ||
|
|
||
| "tools": { | ||
| "Microsoft.AspNetCore.Server.IISIntegration.Tools": "1.0.0-preview2-final" |
| "Microsoft.AspNetCore.Mvc": "1.0.1", | ||
| "Microsoft.AspNetCore.Routing": "1.0.1", | ||
| "Microsoft.AspNetCore.Mvc": "1.1", | ||
| "Microsoft.AspNetCore.Routing": "1.1", | ||
| "Microsoft.AspNetCore.Server.IISIntegration": "1.0.0", |
No description provided.