Thread: Maintaining Form Data after forms authentication timeout

I'm using forms authentication on my site to validate users.

When a user is timed out and redirected to the login screen, I want to be able to save the form data from the page they were on and retrieve it when they log back in and are redirected back to that page.

For instance, let's say the user is writing an email and then has to take a phone call. When they return to the site, they complete the email and click send. But whilst on the phone they were timed out and so they are redirected to the login screen. What I want to do is save the details they had in the email and then populate this back into the email form when they log back in.

In classic ASP I used to save the form details in a number of session variables before checking if the user was timed out. I was then able to retrieve these details when the user logged back in.

Any ideas how I can do this in .NET?

Depending on security protocols, you can do a few different things.

One option is to use AJAX to auto-save form content to a database over time.

Another option is to use an iframe that reloads a few minutes before the session expires, thus keeping the session alive while a user is on that page.

Also, there is something in the UI Application block with a configured persistence layer. However, I don't know much about this, so this would require some research.

Originally Posted by richyrich

Is there anyway of "catching" the forms authentication before it redirects to the login page?

As in my classic ASP example. If I can establish when the authentication/timeout occurs, perhaps I can add something before this to save the form data to session/cookie variables.

Might do some testing with the page events to see if I can grab the data before it authenticates.

Well, if you know what the session timeout is, that should be easy to do with AJAX. Just before the session times out, grab the form data and save it to a cookie. Not sure a session would work for you seeing as the session is about to timeout.

Problem is what if, for example, the user leaves the computer for an hour, then types a whole load of text in the email?

I'd only have the info saved from when the session timed out, not the whole text that they'd typed.

As long as I can grab the data before it redirects, I can then just save it into a cookie.

How do you stop a page from processing? Can you just put response.end?
If I'm testing it, I want to try and see if I can put code in different page events to prevent the redirect.

I have an update panel on the page and the update progress associated with this update panel appears before it redirects, so I wonder if I could call a JS function on the button click to save the form data?

Good point...and I would think that the AJAX call might refresh the session. I'm not 100% on that, though. I'm sure using Javascript, you could store the data in a cookie on the onclick event.

Here is some information regarding the UI Application block: Introduction to the UIP Application Block

This would probably take some time, though.