Session variable value is getting null in ASP.NET Core

Asked 11/4, 2018 at 8:44 Answered 6/4, 2023 at 9:20

Solved session asp.net-core asp.net-core-mvc session-variables

I am setting a session variable in one method and trying to get the session variable value from the another method in a controller but its always getting null:

Here is my code:

public class HomeController : Controller
{
    public IActionResult Index()
    { 
        HttpContext.Session.SetString("Test", "Hello!");
        var message = HttpContext.Session.GetString("Test");// Here value is getting correctly
        return View();
    }

    public IActionResult About()
    {
        var message = HttpContext.Session.GetString("Test"); // This value is always getting null here

        return View();
    }
}

Here is my session configuration in Startup class:

In ConfigureServices() method:

services.Configure<CookiePolicyOptions>(options =>
{
    // This lambda determines whether user consent for non-essential cookies is needed for a given request.
    options.CheckConsentNeeded = context => true;
    options.MinimumSameSitePolicy = SameSiteMode.None;
});

services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);
services.AddDistributedMemoryCache();
services.AddMvc().AddSessionStateTempDataProvider();
services.AddSession(options =>
{
    options.Cookie.Name = "TanvirArjel.Session";
    options.IdleTimeout = TimeSpan.FromDays(1);
});

In Configure() method:

app.UseSession();
app.UseMvc(routes =>
{
    routes.MapRoute(
        name: "default",
        template: "{controller=Home}/{action=Index}/{id?}");
});

Very strange and peculiar problem! Any help will be highly appreciated!

Melda answered 11/4, 2018 at 8:44 Comment(0)

For ASP.NET Core 2.1 and 2.2

In the ConfigureServices method of the Startup class, Set options.CheckConsentNeeded = context => false; as follows:

services.Configure<CookiePolicyOptions>(options =>
{
  // This lambda determines whether user consent for non-essential cookies is needed for a given request.
  options.CheckConsentNeeded = context => false;
  options.MinimumSameSitePolicy = SameSiteMode.None;
});

Problem solved!

Melda answered 19/5, 2018 at 12:6 Comment(11)

Works for me in asp.net Core 2.1 mvc web app! Great Thanks – Outhe 15/5, 2019 at 11:59

This worked for me. Thank you. Some others suggested adding services.AddMemoryCache() to ConfigureServices and app.UseCookiePolicy() to Configure, but that wasn't necessary. – Infuscate 4/6, 2019 at 13:25

But doesn't this indicate CheckConsentNeeded is false by default? learn.microsoft.com/en-us/dotnet/api/… – Idellaidelle 12/6, 2019 at 15:10

As a boolean property default value is false but during the project template generation default value is set to true. – Melda 12/6, 2019 at 15:48

Not Working for me. Is there anything else which i can do. – Duntson 26/7, 2019 at 16:38

Check your start up setting please! – Melda 26/7, 2019 at 16:40

not worked for me to after couple redirections the session ends and I need to login again. – Holiday 5/11, 2019 at 12:50

that happens only when I use iis as host in my iis express (from vs2017) the session works fine – Holiday 5/11, 2019 at 12:52

This answer and app.UseSession(); helped me get a hold of session, thanks. – Trista 26/3, 2020 at 19:42

I think the IsEssential cookie option needs also to be present: services.AddSession(options => { options.Cookie.IsEssential = true; }); – Andreasandree 20/8, 2020 at 22:39

This is a bad approach. This will make your website/application non-GDPR compliant. Check Max Favilli's answer. This will fix your problem and still prompt the user for consent. – Deck 5/1, 2021 at 11:29

You can also just set Cookie.IsEssential = true as explained here: https://andrewlock.net/session-state-gdpr-and-non-essential-cookies/

There is an overload of services.AddSession() that allows you to configure SessionOptions in your Startup file. You can change various settings such as session timeout, and you can also customise the session cookie. To mark the cookie as essential, set IsEssential to true:

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        options.CheckConsentNeeded = context => true; // consent required
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });

    services.AddSession(opts => 
    {
        opts.Cookie.IsEssential = true; // make the session cookie Essential
    });
    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
}

Lustig answered 22/7, 2019 at 11:59 Comment(1)

Im loosing the value between controllers should that happen with the above? – Kincardine 13/7, 2020 at 22:0

I have had the same issue and tried the following separately and I found that either of them does work for me!

 1. options.CheckConsentNeeded = context => false;
 2. opts.Cookie.IsEssential = true; // make the session cookie Essential

However, not quite sure though, I think #1 might potentially lead to the breach of GDPR. Hence I would prefer #2.

Kneedeep answered 24/11, 2020 at 10:44 Comment(0)

This might be a front end configuration issue.

The session issue you're experiencing might be due to the configuration of your front-end application. If you're using a separate front-end application (e.g. Angular, React, or Vue.js) to interact with your ASP.NET Core API, make sure the HTTP requests sent to the API include the necessary information for handling sessions (and save cookies in the browser).

If your session is persisted between two requests using Postman or Swagger, this is probably it.

i.e. to fix this on an Angular front-end, you must add this in the HttpClient options of your requests: { withCredentials: true }

Glyn answered 6/4, 2023 at 9:20 Comment(0)

-1

I tried adding the mentioned lines from Microsoft docs on session it didn't work.

As I see from the code of HttpContext.Session Session can be used in the same request.

So at last, I created one static class as below which helped as Session throughout the application.

public static class SessionHelper
    {
        private static IDictionary<string, string> Session { get; set; } = new Dictionary<string, string>();

        public static void setString(string key, string value)
        {
            Session[key] = value;
        }

        public static string getString(string key)
        {
            return Session.ContainsKey(key) ? Session[key] : string.Empty;
        }
    }

Usage:

set string in one request

SessionHelper.setString("UserId", "123");

read string in another request

SessionHelper.getString("UserId");

Hope it helps!

Jug answered 12/10, 2022 at 18:32 Comment(0)

For ASP.NET Core 2.1 and 2.2

Recommended topics

Hot tags