Camillia
asked on
Should MVC be using a session to store user info?
I'm working on a new project and I see this in UserController, in Login method (This is VS 2015) and I see the userId and firstname (username) are saved in session variables and saved in other places in the code.
MVC has Identity class. We can use, for example, User.Identity.Name. We don't need a session to hold this value, correct?
MVC has Identity class. We can use, for example, User.Identity.Name. We don't need a session to hold this value, correct?
using (.....)
{
ApplicationUser applicationUser = myContext.Users.Where(u => u.Email == model.Email).FirstOrDefault();
if (applicationUser != null)
{
Session["UserId"] = applicationUser.Id;
Session["FirstName"] = applicationUser.FirstName;
IQueryable<ApplicationRole> roles = myContext.ApplicationRoles.Where(x => x.Users.Select(y => y.UserId).Contains(applicationUser.Id));
ApplicationRole applicationRole = roles.FirstOrDefault();
if (applicationRole != null)
{
Session.Timeout = applicationRole.SessionTimeout;
}
}
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.