Base solution for your next web application
Open Closed

Session handling in boiler plate #1834


User avatar
0
ramanan created

How do we handle session in Aspn.Net boiler plate? My question is, I need to implement a logout user feature. How to I unauthorize a user, or in other hand, how do I reset the session?

I have a web api, not a dynamic web api. A user login by providing the credentials to the api, and in response gets a token, which is passed back to the other methods in the api controller along with other requests. I have a logout feature - if a user clicks the logout button, I need to logout that particular user, disable that session and token.


1 Answer(s)
  • User Avatar
    0
    hikalkan created
    Support Team

    ABP itself does not provide a mechanism. It gets UserId/TenantId from current principal of httpcontext. In a cookie auth, it's stored in the cookie. If you use ASP.NET Identity, you can use SignInManager.SignOut (it actually simply delete the cookie). For the token auth, as I know, there is no direct way of logouting a user before token expire. You can google it for workarounds.