How to increase session timeout in ASP.NET MVC

By FoxLearn 5/20/2024 8:03:05 AM   655
This post shows you How to increase session timeout in ASP.NET MVC

To increase the session timeout in an ASP.NET MVC application, you need to adjust the session state settings in your web.config file.

Here's how you can do it:

Open the web.config file of your ASP.NET MVC project, then increase the value in minutes by using the time out attribute of SessionState element.

<system.web>   
    <sessionState timeout="300"></sessionState>
</system.web>

By default, the session timeout value is 20 minutes. Also in your case if you are using forms authentication, please check the timeout value.

By setting the timeout attribute to a specific value, you're specifying the number of minutes the session remains active without any activity from the user. Adjust the value according to your application's requirements.

<system.web>   
    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" protection="All" path="/" timeout="300" />
    </authentication>
</system.web>

Open IdentityConfig.cs, then change the value of the account logout time span that you want to change.

public class ApplicationUserManager : UserManager<CustomUser>
{
    public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
    {
        var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(context.Get<ApplicationDbContext>()));
        // Configure user lockout defaults
        manager.UserLockoutEnabledByDefault = true;
        manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromDays(1);
        manager.MaxFailedAccessAttemptsBeforeLockout = 5;
        return manager;
    }
}