We need distributed session state because load balancing with sticky sessions is whack. Spoiler: We DON’T roll it ourselves. ASP.NET session storage is useful for storing state across page views. In single server situations it’s simple to set up because ASP.NET supports in-memory session out of the box. In-memory sessions stop working as soon as there is more than one server. Most production environments have more than one server so the session issue needs to be dealt with.
There are two options for sessions in a web farm. First, a load balancer can be used to lock each user on a specific box (so-called “sticky sessions” or “session affinity”). This lets us continue to use in-memory session. The second is switching from in-memory to distributed session storage.
We will use a distributed session using Redis because we have existing Redis infrastructure and we don’t want a complex load balancer added to the mix.
Install the StackExchange Redis Distributed Cache Package
We already use StackExchange.Redis for talking to Redis. Conveniently, Microsoft has a ready-made distributed cache package which uses StackExchange.Redis. The first step is to install it:
Configure Redis Based Distributed Session in ASP.NET Core
The application must be configured to use the StackExchangeRedis cache. Be sure to tell the cache which Redis instance to connect to:
Read and Write to the User’s Session
With the Redis cache configured, reading and writing to the user’s session should work:
Now distributed session and user authentication are both working. Next, we’ll create a sign-up flow for users to create their accounts in the first place.