How to handle session expiry in Owin Authentication Share

Owin authentication makes use of token-based approach to implement authentication between the front-end application and the back-end API. We all know the common and conventional way to implement authentication is the cookie-based approach where the cookie is sent with each request from the client to the server and on the server it is used to identify the authenticated user.

Let's see how to start with Owin Authentication:

Create an empty solution and name it “AngularJSAuthentication”. Then add new ASP.NET Web application. Once you have done this, you have to install the NuGet packages which are needed to setup your Owin server.

Under Tools Menu, select NuGet Package Manager. From NuGet Package Manager menu select Package Manager Console and type:

    Install-Package Microsoft.AspNet.WebApi.Owin -Version 5.1.2

    Install-Package Microsoft.Owin.Host.SystemWeb -Version 2.1.0

    Install-Package Microsoft.AspNet.Identity.Owin -Version 2.0.1

    Install-Package Microsoft.AspNet.Identity.EntityFramework -Version 2.0.1

    Install-Package Microsoft.Owin.Security.OAuth -Version 2.1.0

    Install-Package Microsoft.Owin.Cors -Version 2.1.0


Add a startup class:

Next, add an OWIN startup class. In Solution Explorer, right-click the project and select Add, then select New Item. In the Add New Item dialog, select Owin Startup class .

The OWIN Startup class template is available in Visual Studio.

Now the requirement is when the cookie is expired, I need to redirect to Login screen.

Having said that, I did face an issue here. I had set a time for the session to expire after some minutes of inactivity, but the session was not getting expired.

Latest Blogs