ISessionStore.Create() should also receive the HttpContext #64926
Description
In ASP.NET, if you want to manage session cookies yourself, you must use implement the ISessionStore interface. This interface contains a single method called Create() that basically serves as the "factory" for each request's ISession object. The Create() method is called on every request if you have the app.UseSession() line in Program.cs.
Currently, the signature for ISessionStore.Create is the following:
ISession Create(string sessionKey, TimeSpan idleTimeout, TimeSpan ioTimeout, Func<bool> tryEstablishSession, bool isNewSessionKey);As you can see, although Create() is called on every request, there is no HttpContext object passed to it. For my particular setup, I need a few things from the HttpContext object when creating the ISession object. Right now, in order to get access to the current HttpContext object in the Create() method, I have to pass in a IHttpContextAccessor to the ISessionStore so that I can get it that way. I feel this is overkill for something that could be easily added as a parameter to Create().
I've noticed that ASP.NET does a pretty good job of making an HttpContext object available anywhere a method runs in the context of a request, however this is one place that I think it was overlooked.
My proposal is the following: Add an HttpContext parameter to the end of the existing parameters to Create(), like this:
ISession Create(string sessionKey, TimeSpan idleTimeout, TimeSpan ioTimeout, Func<bool> tryEstablishSession, bool isNewSessionKey, HttpContext context);