User Login

[uncgis]

What is the best way to handle user login? I currently use a session variable that expires after 20 minutes...but what if the user is not finished after 20 minutes? Can you reenable the session for each page? Does anyone handle logins different?

Thanks for any input

 

[DotNetGnat]

Session variables are definitely preferrable for these kinds of situations. You have to redirect the user to the login page after the session expires.

How ever if you want to increase the time of the session variable dynamically, then you can have a meta tag on your page that refreshes the page...something like this

<META HTTP-EQUIV="refresh" CONTENT="<%=(clng(session.Timeout)-2)*60%>">


-DNG

 

[DotNetGnat]

also this information might help you...info found online...

On all ASP pages in your web site you need to add something like

'--------------------------------------------------
' Adds a refresh to the page just after the length of the session
' so after the session expires it goes to the login page
' Adds anti-caching headers
' Checks a session variable and redirects if empty
'--------------------------------------------------
Response.AddHeader "Refresh", CStr(CInt(Session.Timeout + 1) * 60) & "; URL=Login.asp"
Response.AddHeader "cache-control", "private"
Response.AddHeader "Pragma","No-Cache"
Response.Buffer = TRUE
Response.Expires = 0
Response.ExpiresAbsolute = 0

If (Session("Authenticated")="") Then
    Response.Redirect("login.asp")
End If
'--------------------------------------------------
' Rest of your code goes after this
'--------------------------------------------------

On your logout page all you should need to do is set the following and redirect as needed:
Session("Authenticated") = ""

-DNG

 

[Sheco]

Are you saying that you have one single page that requires more than 20 minutes to use?