Hello,
I’m in the following situation… I use the SessionBag to store a menu structure so that when the user navigates I can keep tracks of where he’s . When I log out I call the /auth/logout url and I was wondering the SessionBag would be reinitialized.
This doesn’t happen… so since I cache the data in the SessionBag I got the new logged user to see the old user menu structure…that’s weird…
I’ve seen that under the AuthProvider there’s a Logout method
public override object Logout(IServiceBase service, Authenticate request)
{
service.GetSessionBag()
return base.Logout(service, request);
}
I don’t see in ISession a remove method and I’ve also noticed there’s a
service.RemoveSession() but doesn’t work as expceted
How can I fix it?
Thanks
The SessionBag is tied to the Session cookies, it can be used to hold information before and after authenticating. In the latest version of ServiceStack (that’s now on MyGet) logging out i.e. /auth/logout
will automatically delete the Session cookies so you’ll get new Session cookies after logging out and you wont see the previous Session info.
paolo ponzano:
If I don’t close the browser then reopen it I got the old session bag I’m sure
paolo ponzano:
I need to do that in the custom AuthProvider
public override object Logout(IServiceBase service, Authenticate request)
{
var bag = service.GetSessionBag();
bag[“menu”] = null;
return base.Logout(service, request);
}
if I comment the set to null it doesn’t work
when I add the item to the sessionbag I do
private MenuEntry GetMenuInternal()
{
var menu = SessionBag.GetOrAdd(“menu”, () =>
{
string filePath = Server.MapPath("~/Infrastructure/Menu/Menu.xml");
var x = commonRepository.GetMenu(UserSession.Permissions, filePath, User.UserID);
return x;
});
MenuHelper.PostProcessMenu(menu, menu.Children);
return menu;
}
where the GetOrAdd Method is an extension method
public static class SessionExtensions
{
static readonly object sync = new object();
/// <summary>
/// If set, defines a function to call in order to know if cache is enabled or not.
/// </summary>
public static Func<bool> CacheEnabledProbe { get; set; }
static T GetOrAdd<T>(this ISession session, string key, Func<T> resolver, Action<T> setter)
{
if (session == null)
throw new ArgumentNullException(“session”);
if (String.IsNullOrEmpty(key))
throw new ArgumentNullException(“key”);
if (resolver == null)
throw new ArgumentNullException(“resolver”);
if (setter == null)
throw new ArgumentNullException(“setter”);
if (CacheEnabledProbe != null && !CacheEnabledProbe())
return resolver();
var value = session.Get<T>(key);
if (value != null)
return value;
lock (sync)
{
// Try a second lookup.
value = session.Get<T>(key);
if (value != null)
return value;
value = resolver();
if (value != null)
setter(value);
return value;
}
}
public static T GetOrAdd<T>(this ISession session, string key, Func<T> resolver)
{
return GetOrAdd(session, key, resolver, value => { session.Set(key, value); });
}
}
Are you saying it works when you set it to null, in that case what’s wrong with clearing it when you want to clear it?
I’ve also added explicit Remove API’s to ISession available in next release: https://github.com/ServiceStack/ServiceStack/commit/5111e706c64c2e062c87908901c3438d86c3d03e