Step-by-Step: How to Enable Session in .NET Core

-

๐Ÿ“– Overview

Sessions in ASP.NET Core allow you to persist user-specific data across multiple HTTP requests. Whether you're tracking login state, temporary selections, or user preferences, sessions offer a simple and effective way to store short-term data on the server side.

This guide is ideal for:

  • Developers new to ASP.NET Core sessions
  • Anyone migrating from classic ASP.NET
  • .NET 6+ users following minimal hosting model


๐Ÿ“ฆ 1. Add the Required NuGet Package

If you're not using the default SDK (Microsoft.AspNetCore.App), manually install the session package:

dotnet add package Microsoft.AspNetCore.Session

๐Ÿ› ️ 2. Configure Services in Program.cs

Register memory cache and session services in the DI container:

var builder = WebApplication.CreateBuilder(args);

// In-memory cache for session storage
builder.Services.AddDistributedMemoryCache();

// Register session services
builder.Services.AddSession(options =>
{
    options.IdleTimeout = TimeSpan.FromMinutes(30);
    options.Cookie.HttpOnly = true;
    options.Cookie.IsEssential = true; // Required for GDPR
});

builder.Services.AddControllersWithViews(); // Or AddRazorPages()

๐Ÿ’ก Note: Sessions rely on a cookie (.AspNetCore.Session) to track the client — cookies must be enabled in the browser.

๐Ÿš€ 3. Use Session Middleware

Enable session in the request pipeline before mapping routes:

var app = builder.Build();

app.UseHttpsRedirection();
app.UseStaticFiles();

app.UseRouting();

app.UseSession(); // Enable session support

app.UseAuthorization();

app.MapControllers(); // Or app.MapRazorPages()

app.Run();

๐Ÿงช 4. Set and Get Session Values in a Controller

You can set and retrieve session values using HttpContext.Session. Here's a basic example:

using Microsoft.AspNetCore.Http;

public class HomeController : Controller
{
    public IActionResult Index()
    {
        // Store a string in session
        HttpContext.Session.SetString("username", "john.doe");

        // Retrieve it later
        string name = HttpContext.Session.GetString("username");

        ViewBag.Name = name;
        return View();
    }
}

๐Ÿงฑ Working with Complex Objects

Since sessions only support byte arrays or strings, use JSON serialization for complex data:

// Store object
HttpContext.Session.SetString("cart", JsonSerializer.Serialize(cartObject));

// Retrieve object
var cart = JsonSerializer.Deserialize<Cart>(
    HttpContext.Session.GetString("cart"));

✅ Don't forget to add using System.Text.Json; and your model class (e.g., Cart).

๐Ÿ“Œ 5. Important Notes

  • Sessions use a browser cookie named .AspNetCore.Session for tracking.
  • In-memory session storage is great for development or single-server apps.
  • Use Redis, SQL Server, or other distributed caches for load-balanced or production scenarios.
  • Set Cookie.IsEssential = true to ensure compliance with GDPR, even if the user declines non-essential cookies.
  • Session data may be lost on browser restart or timeout.

✅ Summary Table

Step Description
1. Add Package Install Microsoft.AspNetCore.Session
2. Configure Services Add AddDistributedMemoryCache() and AddSession()
3. Use Middleware Call app.UseSession() before route mapping
4. Access Session Use SetString() / GetString() in controllers or pages

๐Ÿ”— What’s Next?

Here are some helpful links and next steps:

๐Ÿ’ก Final Thoughts

Enabling session support in ASP.NET Core is straightforward, but you must treat session data carefully — especially when working with user identities, preferences, or cart information.

For production environments:

  • Avoid InMemory session storage.
  • Prefer Redis or SQL Server with proper expiration strategies.
  • Always validate and sanitize data from sessions, just like any other user input.

Comments

Post a Comment

Popular posts from this blog

Debouncing & Throttling in RxJS: Optimizing API Calls and User Interactions

-
RxJS Debounce vs Throttle in Angular – Best Practices & Examples What is RxJS — quick primer RxJS (Reactive Extensions for JavaScript) provides Observables and operators to model and manipulate streams of asynchronous events — from keystrokes and HTTP requests to timers and WebSocket messages. ๐Ÿ’ก Why this matters: Operators like debounceTime and throttleTime help you control event frequency, reducing wasted CPU and network work while improving UX. 1. Debouncing — emit after silence Debouncing delays emitting a value until a specified period of inactivity. It's best for typeahead inputs where only the final value after the user stops typing is relevant. Live search example (production-ready) // search.component.ts import { Component, OnDestroy } from '@angular/core'; import { FormControl } from '@angular/forms'; import { Subject } from 'rxjs'; import { debounc...
Read more

Promises in Angular

-
๐Ÿš€ Promises in Angular – The Complete Beginner’s Guide (with Examples) ๐Ÿ“˜ Introduction In modern Angular development, handling asynchronous operations is essential. Whether you're fetching data from an API, loading files, or wrapping browser-native APIs, Promises offer a clean and readable way to deal with one-time asynchronous operations. This guide explains: What Promises are How they compare with Observables Real-world examples using .then() and async/await When to use Promises vs Observables in Angular ๐Ÿ“š Table of Contents ๐Ÿ” What is a Promise? ๐Ÿ” Promise Lifecycle ✨ Key Features ๐Ÿ“Œ Syntax ๐Ÿ’ป Example 1: Fetch ๐Ÿ’ป Example 2: setTimeout ๐Ÿ“Š Promises vs Observables ๐ŸŽฏ When to Use Promises ๐Ÿ“ฆ Angular Service Example ๐Ÿ”„ Observable vs Promise ❓ FAQ ✅ Summary ๐Ÿ” What is a Promise? A Promise is a JavaScript object that represents the eventual success (fulfilled) or failure (rejected) of an asynchronous operation. ๐Ÿ“Œ Com...
Read more

Comprehensive Guide to C# and .NET Core OOP Concepts and Language Features

-
Comprehensive Guide to C# and .NET Core OOP Concepts Class A class is a blueprint for creating objects that encapsulate both data and behavior. Access Modifiers : public, internal, abstract, sealed control visibility and inheritance. Static Classes : Cannot be instantiated, contain only static members. Partial Classes : Split across files using partial keyword for better organization. public class Car { public string Model; public void Drive() => Console.WriteLine($"{Model} is driving."); } Analogy: A car blueprint used to build many actual cars. Benefits: Reusability, Encapsulation, Abstraction, Inheritance Object An object is an instance of a class. Managed by Garbage Collector for automatic memory cleanup. Boxing/Unboxing allows value types to be treated a...
Read more