I’m having issues with my web-application expiring the session too soon (not unexpected, just too soon for the type of system I am developing). My host doesn’t allow changing the session expiration time.
So I was thinking, is there any way that I can (in ASP .NET MVC) for instance save my session variables in a form, so that when that form is somehow submitted or the page has changed, I can reset the session variables?
But with the above theory (if it’s even a good theory), then how do I handle such stuff in my controllers? Or is there a better way to reach a session that is theoretically infinite?
What you are describing is the standard use-case for cookies.
If your variables don’t need to be secure, then save each in a cookie (or, if you want to do it right, have a “session object” that you serialize in a cookie).
If your variables need to be secure, save them in a database or flat file and save the encrypted row id in the cookie.