Previous user login is replaced by recent/latest user login
I am working on asp.net mvc project.The project is working amazingly on localhost.However when i upload the project on a server , i am facing some issues.I login from a machine it is getting logged in successfully.Then i try to login as another user it works.Now i go to previous user login and i refresh the page the second user login takes over the 1st user login.In general,the previous user login is replaced by recent/latest user login.I searched a lot about this issue but couldn't find anything.Please share some suggestions regarding this issue.
I have a controller named AuthenticateController which has the actions as
Login and Logout.I have tried implementing session but no luck.Here is the code.Please help me with proper session implementation code if possible or if there are any changes i need to make in my code.It would be great if there is another way of achieving authentication with proper login logout and back button issue.Thanks in advance!!
public class AuthenticateController : Controller
DBEntities entity = new DBEntities();
public static int userid = 0;
public static string getreference = string.Empty;
public ActionResult Login()
return View();
[HttpPost]
public ActionResult Login(AuthenticateModel model)
try
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
if (check.Count > 0)
foreach (var r in check)
GlobalVaribale.UserId = r.UserId;
//FullName
GlobalVaribale.UserName = r.FullName;
GlobalVaribale.UserAccessLevel = r.AccessLevel.Value;
GlobalVaribale.OrgId = r.OrganisationId.Value;
Session["UserId"] = r.UserId;
Session.Timeout = 10;
return RedirectToAction("Index", "Home");
else
TempData["Wrong"] = "Invalid Credentials";
return View();
catch (Exception e)
Console.WriteLine(e);
return View();
public ActionResult Logout()
Session["UserId"] = null;
Session.Abandon();
GlobalVaribale.UserId = 0;
GlobalVaribale.UserName = string.Empty;
GlobalVaribale.UserAccessLevel = 0;
GlobalVaribale.OrgId = 0;
return RedirectToAction("Login");
}
I have created a global folder in which i have a class named as GlobalVaribale.The code is given below
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace TimeSheet.Global
public static class GlobalVaribale
public static int UserId = 0;
public static int OrgId = 0;
public static int UserAccessLevel = 0;
public static string UserName = string.Empty;
public enum AccessLevel
admin = 1,
management = 2,
employee = 3,
contractor = 4,
superamin = 5
c# asp.net asp.net-mvc
add a comment |
I am working on asp.net mvc project.The project is working amazingly on localhost.However when i upload the project on a server , i am facing some issues.I login from a machine it is getting logged in successfully.Then i try to login as another user it works.Now i go to previous user login and i refresh the page the second user login takes over the 1st user login.In general,the previous user login is replaced by recent/latest user login.I searched a lot about this issue but couldn't find anything.Please share some suggestions regarding this issue.
I have a controller named AuthenticateController which has the actions as
Login and Logout.I have tried implementing session but no luck.Here is the code.Please help me with proper session implementation code if possible or if there are any changes i need to make in my code.It would be great if there is another way of achieving authentication with proper login logout and back button issue.Thanks in advance!!
public class AuthenticateController : Controller
DBEntities entity = new DBEntities();
public static int userid = 0;
public static string getreference = string.Empty;
public ActionResult Login()
return View();
[HttpPost]
public ActionResult Login(AuthenticateModel model)
try
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
if (check.Count > 0)
foreach (var r in check)
GlobalVaribale.UserId = r.UserId;
//FullName
GlobalVaribale.UserName = r.FullName;
GlobalVaribale.UserAccessLevel = r.AccessLevel.Value;
GlobalVaribale.OrgId = r.OrganisationId.Value;
Session["UserId"] = r.UserId;
Session.Timeout = 10;
return RedirectToAction("Index", "Home");
else
TempData["Wrong"] = "Invalid Credentials";
return View();
catch (Exception e)
Console.WriteLine(e);
return View();
public ActionResult Logout()
Session["UserId"] = null;
Session.Abandon();
GlobalVaribale.UserId = 0;
GlobalVaribale.UserName = string.Empty;
GlobalVaribale.UserAccessLevel = 0;
GlobalVaribale.OrgId = 0;
return RedirectToAction("Login");
}
I have created a global folder in which i have a class named as GlobalVaribale.The code is given below
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace TimeSheet.Global
public static class GlobalVaribale
public static int UserId = 0;
public static int OrgId = 0;
public static int UserAccessLevel = 0;
public static string UserName = string.Empty;
public enum AccessLevel
admin = 1,
management = 2,
employee = 3,
contractor = 4,
superamin = 5
c# asp.net asp.net-mvc
1
Please share some relevant code. Especially that code where it saysstatic ...
.
– Patrick Hofman
Nov 12 at 12:22
1
Hi, How to Ask and Minimal, Complete, and Verifiable example are great tool to help you formulate a question. Here we lack code.
– Drag and Drop
Nov 12 at 12:26
Please share your code specially your cookie and authenticate method
– shaghayegh sheykholeslami
Nov 12 at 12:27
add a comment |
I am working on asp.net mvc project.The project is working amazingly on localhost.However when i upload the project on a server , i am facing some issues.I login from a machine it is getting logged in successfully.Then i try to login as another user it works.Now i go to previous user login and i refresh the page the second user login takes over the 1st user login.In general,the previous user login is replaced by recent/latest user login.I searched a lot about this issue but couldn't find anything.Please share some suggestions regarding this issue.
I have a controller named AuthenticateController which has the actions as
Login and Logout.I have tried implementing session but no luck.Here is the code.Please help me with proper session implementation code if possible or if there are any changes i need to make in my code.It would be great if there is another way of achieving authentication with proper login logout and back button issue.Thanks in advance!!
public class AuthenticateController : Controller
DBEntities entity = new DBEntities();
public static int userid = 0;
public static string getreference = string.Empty;
public ActionResult Login()
return View();
[HttpPost]
public ActionResult Login(AuthenticateModel model)
try
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
if (check.Count > 0)
foreach (var r in check)
GlobalVaribale.UserId = r.UserId;
//FullName
GlobalVaribale.UserName = r.FullName;
GlobalVaribale.UserAccessLevel = r.AccessLevel.Value;
GlobalVaribale.OrgId = r.OrganisationId.Value;
Session["UserId"] = r.UserId;
Session.Timeout = 10;
return RedirectToAction("Index", "Home");
else
TempData["Wrong"] = "Invalid Credentials";
return View();
catch (Exception e)
Console.WriteLine(e);
return View();
public ActionResult Logout()
Session["UserId"] = null;
Session.Abandon();
GlobalVaribale.UserId = 0;
GlobalVaribale.UserName = string.Empty;
GlobalVaribale.UserAccessLevel = 0;
GlobalVaribale.OrgId = 0;
return RedirectToAction("Login");
}
I have created a global folder in which i have a class named as GlobalVaribale.The code is given below
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace TimeSheet.Global
public static class GlobalVaribale
public static int UserId = 0;
public static int OrgId = 0;
public static int UserAccessLevel = 0;
public static string UserName = string.Empty;
public enum AccessLevel
admin = 1,
management = 2,
employee = 3,
contractor = 4,
superamin = 5
c# asp.net asp.net-mvc
I am working on asp.net mvc project.The project is working amazingly on localhost.However when i upload the project on a server , i am facing some issues.I login from a machine it is getting logged in successfully.Then i try to login as another user it works.Now i go to previous user login and i refresh the page the second user login takes over the 1st user login.In general,the previous user login is replaced by recent/latest user login.I searched a lot about this issue but couldn't find anything.Please share some suggestions regarding this issue.
I have a controller named AuthenticateController which has the actions as
Login and Logout.I have tried implementing session but no luck.Here is the code.Please help me with proper session implementation code if possible or if there are any changes i need to make in my code.It would be great if there is another way of achieving authentication with proper login logout and back button issue.Thanks in advance!!
public class AuthenticateController : Controller
DBEntities entity = new DBEntities();
public static int userid = 0;
public static string getreference = string.Empty;
public ActionResult Login()
return View();
[HttpPost]
public ActionResult Login(AuthenticateModel model)
try
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
if (check.Count > 0)
foreach (var r in check)
GlobalVaribale.UserId = r.UserId;
//FullName
GlobalVaribale.UserName = r.FullName;
GlobalVaribale.UserAccessLevel = r.AccessLevel.Value;
GlobalVaribale.OrgId = r.OrganisationId.Value;
Session["UserId"] = r.UserId;
Session.Timeout = 10;
return RedirectToAction("Index", "Home");
else
TempData["Wrong"] = "Invalid Credentials";
return View();
catch (Exception e)
Console.WriteLine(e);
return View();
public ActionResult Logout()
Session["UserId"] = null;
Session.Abandon();
GlobalVaribale.UserId = 0;
GlobalVaribale.UserName = string.Empty;
GlobalVaribale.UserAccessLevel = 0;
GlobalVaribale.OrgId = 0;
return RedirectToAction("Login");
}
I have created a global folder in which i have a class named as GlobalVaribale.The code is given below
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
namespace TimeSheet.Global
public static class GlobalVaribale
public static int UserId = 0;
public static int OrgId = 0;
public static int UserAccessLevel = 0;
public static string UserName = string.Empty;
public enum AccessLevel
admin = 1,
management = 2,
employee = 3,
contractor = 4,
superamin = 5
c# asp.net asp.net-mvc
c# asp.net asp.net-mvc
edited Nov 24 at 7:42
asked Nov 12 at 12:20
Kamil Shaikh
11
11
1
Please share some relevant code. Especially that code where it saysstatic ...
.
– Patrick Hofman
Nov 12 at 12:22
1
Hi, How to Ask and Minimal, Complete, and Verifiable example are great tool to help you formulate a question. Here we lack code.
– Drag and Drop
Nov 12 at 12:26
Please share your code specially your cookie and authenticate method
– shaghayegh sheykholeslami
Nov 12 at 12:27
add a comment |
1
Please share some relevant code. Especially that code where it saysstatic ...
.
– Patrick Hofman
Nov 12 at 12:22
1
Hi, How to Ask and Minimal, Complete, and Verifiable example are great tool to help you formulate a question. Here we lack code.
– Drag and Drop
Nov 12 at 12:26
Please share your code specially your cookie and authenticate method
– shaghayegh sheykholeslami
Nov 12 at 12:27
1
1
Please share some relevant code. Especially that code where it says
static ...
.– Patrick Hofman
Nov 12 at 12:22
Please share some relevant code. Especially that code where it says
static ...
.– Patrick Hofman
Nov 12 at 12:22
1
1
Hi, How to Ask and Minimal, Complete, and Verifiable example are great tool to help you formulate a question. Here we lack code.
– Drag and Drop
Nov 12 at 12:26
Hi, How to Ask and Minimal, Complete, and Verifiable example are great tool to help you formulate a question. Here we lack code.
– Drag and Drop
Nov 12 at 12:26
Please share your code specially your cookie and authenticate method
– shaghayegh sheykholeslami
Nov 12 at 12:27
Please share your code specially your cookie and authenticate method
– shaghayegh sheykholeslami
Nov 12 at 12:27
add a comment |
1 Answer
1
active
oldest
votes
You have two problems. One is that you are using static
variables in a web context, meaning they'll be shared between all visitors. Don't do that.
Your bigger problem is this:
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
You're rolling your own authentication logic. Definitely don't do that. Start over, use ASP.NET Identity and don't bother writing your own login code, because you're doing it wrong and opening up your users to security vulnerabilities.
Thank you for your suggestion @CodeCaster but i am still not clear with the static part.Could you provide some detailed information about it? stackoverflow.com/users/266143/codecaster
– Kamil Shaikh
Nov 24 at 4:59
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53262084%2fprevious-user-login-is-replaced-by-recent-latest-user-login%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You have two problems. One is that you are using static
variables in a web context, meaning they'll be shared between all visitors. Don't do that.
Your bigger problem is this:
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
You're rolling your own authentication logic. Definitely don't do that. Start over, use ASP.NET Identity and don't bother writing your own login code, because you're doing it wrong and opening up your users to security vulnerabilities.
Thank you for your suggestion @CodeCaster but i am still not clear with the static part.Could you provide some detailed information about it? stackoverflow.com/users/266143/codecaster
– Kamil Shaikh
Nov 24 at 4:59
add a comment |
You have two problems. One is that you are using static
variables in a web context, meaning they'll be shared between all visitors. Don't do that.
Your bigger problem is this:
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
You're rolling your own authentication logic. Definitely don't do that. Start over, use ASP.NET Identity and don't bother writing your own login code, because you're doing it wrong and opening up your users to security vulnerabilities.
Thank you for your suggestion @CodeCaster but i am still not clear with the static part.Could you provide some detailed information about it? stackoverflow.com/users/266143/codecaster
– Kamil Shaikh
Nov 24 at 4:59
add a comment |
You have two problems. One is that you are using static
variables in a web context, meaning they'll be shared between all visitors. Don't do that.
Your bigger problem is this:
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
You're rolling your own authentication logic. Definitely don't do that. Start over, use ASP.NET Identity and don't bother writing your own login code, because you're doing it wrong and opening up your users to security vulnerabilities.
You have two problems. One is that you are using static
variables in a web context, meaning they'll be shared between all visitors. Don't do that.
Your bigger problem is this:
var check = entity.TblName.Where(x => x.UserName == model.UserName && x.Password == model.Password).ToList();
You're rolling your own authentication logic. Definitely don't do that. Start over, use ASP.NET Identity and don't bother writing your own login code, because you're doing it wrong and opening up your users to security vulnerabilities.
answered Nov 13 at 12:46
CodeCaster
107k17139191
107k17139191
Thank you for your suggestion @CodeCaster but i am still not clear with the static part.Could you provide some detailed information about it? stackoverflow.com/users/266143/codecaster
– Kamil Shaikh
Nov 24 at 4:59
add a comment |
Thank you for your suggestion @CodeCaster but i am still not clear with the static part.Could you provide some detailed information about it? stackoverflow.com/users/266143/codecaster
– Kamil Shaikh
Nov 24 at 4:59
Thank you for your suggestion @CodeCaster but i am still not clear with the static part.Could you provide some detailed information about it? stackoverflow.com/users/266143/codecaster
– Kamil Shaikh
Nov 24 at 4:59
Thank you for your suggestion @CodeCaster but i am still not clear with the static part.Could you provide some detailed information about it? stackoverflow.com/users/266143/codecaster
– Kamil Shaikh
Nov 24 at 4:59
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53262084%2fprevious-user-login-is-replaced-by-recent-latest-user-login%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
Please share some relevant code. Especially that code where it says
static ...
.– Patrick Hofman
Nov 12 at 12:22
1
Hi, How to Ask and Minimal, Complete, and Verifiable example are great tool to help you formulate a question. Here we lack code.
– Drag and Drop
Nov 12 at 12:26
Please share your code specially your cookie and authenticate method
– shaghayegh sheykholeslami
Nov 12 at 12:27