Asp.Net Core 2.0 session destroyed each build

Question

I am coming from PHP ecosystem, and now i want upgrade my skills to Asp.Net Core 2.0 . There a problem with sessions since these will be destroyed on each build , and that's is really annoyng during development .

Asp.net authentication system isn't destroyed at builds/restart , while sessions are.

There a way to make Sessions persistent like the Auth behavior?

My workaround is; Since i'm using asp.net Auth i could store a unique id and load the session (containing custom object) from the database. Then save it again on changes...

Note: My application is multi-user so i need to referee the user ID from Session on each request to the database to select related data.

Answer 1

ASP.NET Sessions were never related to authentication. They use their own storage to store temporary data that is used during a singel user session.

In ASP.NET Core the Session middleware always uses the service registered for IDistributedCache. The default implementation is a local in-memory cache :

public void ConfigureServices(IServiceCollection services)
{
    services.AddMvc();

    // Adds a default in-memory implementation of IDistributedCache.
    services.AddDistributedMemoryCache();

    services.AddSession(options =>
    {
        // Set a short timeout for easy testing.
        options.IdleTimeout = TimeSpan.FromSeconds(10);
        options.Cookie.HttpOnly = true;
    });
}

There are two persistent storage providers, one for Redis and one for SQL Server . To use them simply replace the call to AddDistributedMemoryCache() , eg :

services.AddDistributedSqlServerCache(options =>
{
    options.ConnectionString = @"Data Source=(localdb)\v11.0;Initial Catalog=DistCache;Integrated Security=True;";
    options.SchemaName = "dbo";
    options.TableName = "TestCache";
});

The linked doc page explains how to configure the providers.

All three providers can be found in the ASP.NET\\Caching repository. You can use them as a starting point to implement your own provider, eg to use MySQL, assuming there isn't one already available.

You can also configure ASP.NET Core to use the in-memory cache for general caching and SQL Server or Redis for distributed caching and session storage, eg :

services.AddMemoryCache();
services.AddDistributedRedisCache(options =>
{
    options.Configuration = "localhost";
    options.InstanceName = "SampleInstance";
});

Answer 2

The default session store is in-memory, mostly because every other type of store requires some type of configuration. When you have anything that's stored in-memory (session, cache, etc.) it's inherently process-bound, so when the process terminates, everything stored in-memory goes along with it. Rebuilding a running web app causes the process to be terminated and restarted, so there's your issue in a nutshell.

If you want the session to persist, then you need to use a persistent store , ie SQL Server, Redis, etc. The ASP.NET Core Distributed Cache (which is what ASP.NET Core uses for sessions) documentation covers how to to set all that up.