All geek questions in one place

How to determine session timeout when reusing CookieContainer

I have the following code that reuses a CookieContainer, which logs in on the first request, but just uses the cookie container for requests after.

After a certain period of time, when the hosting site will provide a session timeout, I will need to log in again.

Q: Can I determine (with a cookie container object) if a timeout has occurred, or is it better to determine if it came from an HttpWebResponse that contains text such as "session timeout". What is the best way to do this?

private static CookieContainer _cookieContainer; private static CookieContainer CurrentCookieContainer { get { if (_cookieContainer == null || _cookieContainer.Count == 0) { lock (_lock) { if (_cookieContainer == null || _cookieContainer.Count == 0) { //_cookieContainer.GetCookies( _cookieContainer = DoLogin(); } } } return _cookieContainer; } set { _cookieContainer = value; } }

And then this method calls the container:

  public static string SomeMethod(SomeParams p) { HttpWebRequest request_thirdPartyEnquiryDetails = (HttpWebRequest)WebRequest.Create(thirdPartyEnquiryDetails); CookieContainer cookieContainer = CurrentCookieContainer; request_thirdPartyEnquiryDetails.CookieContainer = cookieContainer; //... and it goes on to submit a search and return the response }
+2
source share
3 answers

Well, since the timeout is 30 minutes, I set the login to retry after 25 minutes.

 private static DateTime? lastLoggedIn; private static CookieContainer _cookieContainer; private static CookieContainer CurrentCookieContainer { get { if (_cookieContainer == null || _cookieContainer.Count == 0 || !lastLoggedIn.HasValue || lastLoggedIn.Value.AddMinutes(25) < DateTime.Now) { lock (_lock) { if (_cookieContainer == null || _cookieContainer.Count == 0 || !lastLoggedIn.HasValue || lastLoggedIn.Value.AddMinutes(25) < DateTime.Now) { _cookieContainer = DoLogin(); lastLoggedIn = DateTime.Now; } } } return _cookieContainer; } set { _cookieContainer = value; } }

As an added precaution, I check the HttpResponse for text that returns when the page session time (although this is not expected to be visible). If this happens, I set the lastLoggedIn date to null and run the search method again.

+2
source

You can retrieve all cookies for a domain using the CookieContainer.GetCookies method (uri string). Using this CookieCollection, you can get the cookie of interest and check its Expired property to see if it has expired.

One thing to note: your session may end even if your cookie is valid. IIS may restart the application domain in which the web application runs, in which case all authenticated users may lose their session data. Therefore, checking the cookie is usually not enough to ensure that you remain logged in.

+1
source

I'm not sure what you want to achieve, but you should notice that CookieContainer has an error in the .Add (Cookie) and .GetCookies (uri) methods.

See details here:

http://dot-net-expertise.blogspot.com/2009/10/cookiecontainer-domain-handling-bug-fix.html

0
source

Source: https://habr.com/ru/post/1286665/

More articles:


All Articles