My website sessions timeout every ten seconds in the hosting environment, but works fine in my local development environment. I have been unable to change the timeout.
services.AddSession(options =>
{
options.IdleTimeout = TimeSpan.FromSeconds(600);
options.Cookie.HttpOnly = true;
options.Cookie.IsEssential = true;
});
I have even tried the above configuration, but it's not working; it still times out after ten seconds, even the operations are done.
On
I had a similar issue. It turned out to be a third-party library overriding session options. I had to use dotnet source stepping and breakpoints to indicate which library is creating the problem.
public OptionsFactory(IEnumerable<IConfigureOptions<TOptions>> setups, IEnumerable<IPostConfigureOptions<TOptions>> postConfigures, IEnumerable<IValidateOptions<TOptions>> validations)
{
_setups = setups as IConfigureOptions<TOptions>[] ?? new List<IConfigureOptions<TOptions>>(setups).ToArray();
_postConfigures = postConfigures as IPostConfigureOptions<TOptions>[] ?? new List<IPostConfigureOptions<TOptions>>(postConfigures).ToArray();
_validations = validations as IValidateOptions<TOptions>[] ?? new List<IValidateOptions<TOptions>>(validations).ToArray();
}
Here the _setups had two items instead of the one session option I had provided.
It is up to you to write middleware logic that checks if the Session exists and redirect when Session does not exist.
A much better approach is using the standard Cookie Authentication that comes with ASP.NET Core. It has the redirect feature built-in.
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-3.0