
I have a simple web app (ASP.NET MVC 4) that takes a username and password and authenticates the user via a custom user provider.

In the account controller I wrote this code:

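 /// <summary>
 /// Checks the posted credentials against the custom membership provider and, on success,
 /// issues a forms-authentication cookie whose ticket carries the serialized user profile
 /// and role names, then redirects to the landing page for the user's role.
 /// </summary>
 /// <param name="model">Posted login form; only Username and Password are read here.</param>
 /// <param name="returnUrl">Not used in the part of the action shown.</param>
 public ActionResult Login(LoginViewModel model, string returnUrl = "")
    {
        // NOTE(review): if returnUrl is ever used for a redirect, check it with
        // Url.IsLocalUrl first so the login page cannot be used to send users off-site.
        if (ModelState.IsValid)
        {
            var record = ImasUserManagment.ImasMembershipProvider.GetImasUser(model.Username, model.Password);
            if (record != null)
            {
                ImasUser user = new ImasUser(record);
                var roles = user.ImasRoles.Select(m => m.RoleName).ToArray();

                ImasPrincipalSerializeModel serializeModel = new ImasPrincipalSerializeModel
                {
                    UserId = user.UserID,
                    FirstName = user.FirstName,
                    LastName = user.LastName,
                    UserName = user.UserName,
                    roles = roles
                };

                string userData = JsonConvert.SerializeObject(serializeModel);

                // Issue time and expiry are derived from one clock reading so the ticket
                // lifetime is exactly 15 minutes.
                DateTime issuedAt = DateTime.Now;
                FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                    1,
                    user.UserName,
                    issuedAt,
                    issuedAt.AddMinutes(15),
                    false,
                    userData,
                    FormsAuthentication.FormsCookiePath);

                // NOTE(review): the encrypted ticket grows with userData (names plus every
                // role). Browsers commonly discard cookies above roughly 4 KB, which would
                // leave later requests without an auth cookie - worth checking encTicket.Length.
                string encTicket = FormsAuthentication.Encrypt(authTicket);

                // A hand-built cookie gets none of the protections SetAuthCookie applies, so
                // set them explicitly: HttpOnly keeps the ticket away from page script, and
                // Secure follows the requireSSL setting of the <forms> configuration.
                HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
                {
                    Expires = authTicket.Expiration,
                    HttpOnly = true,
                    Secure = FormsAuthentication.RequireSSL
                };

                // Clear() drops every cookie already queued on this response, not only an
                // earlier auth cookie.
                Response.Cookies.Clear();
                System.Web.HttpContext.Current.Response.Cookies.Add(faCookie);

                // NOTE(review): the session identifier is not renewed at login in the code
                // shown; confirm that is handled elsewhere before trusting "UserInfo".
                System.Web.HttpContext.Current.Session.Add("UserInfo", userData);

                if (roles.Contains("Admin"))
                {
                    return RedirectToAction("Index", "Admin");
                }

                if (roles.Contains("User"))
                {
                    return RedirectToAction("Index", "User");
                }

                return RedirectToAction("Index", "Home");
            }

            // One generic message for every failed login, so the response does not reveal
            // whether the user name exists.
            ModelState.AddModelError("", "xxx");
        }
        // (the rest of the action is not included in the post)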

And in Global.asax:

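    /// <summary>
    /// Rebuilds the custom principal from the forms-authentication cookie on each request
    /// and assigns it to the current HTTP context.
    /// </summary>
    /// <remarks>
    /// The cookie value comes from the client. A missing, undecryptable, expired or malformed
    /// ticket leaves the request's existing identity untouched instead of raising an
    /// unhandled exception.
    /// </remarks>
    /// <param name="sender">Event source; not used.</param>
    /// <param name="e">Event data; not used.</param>
    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
    {
        System.Web.HttpContext context = System.Web.HttpContext.Current;
        HttpCookie authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
        if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
        {
            return;
        }

        FormsAuthenticationTicket authTicket;
        ImasPrincipalSerializeModel serializeModel;
        try
        {
            authTicket = FormsAuthentication.Decrypt(authCookie.Value);

            // This handler reads the ticket itself, so it checks expiry explicitly. An empty
            // UserData means the ticket was not issued by the custom login code.
            if (authTicket == null || authTicket.Expired || string.IsNullOrEmpty(authTicket.UserData))
            {
                return;
            }

            serializeModel = JsonConvert.DeserializeObject<ImasPrincipalSerializeModel>(authTicket.UserData);
        }
        catch (Exception ex)
        {
            bool rejectedTicket = ex is ArgumentException
                || ex is System.Security.Cryptography.CryptographicException
                || ex is HttpException
                || ex is JsonException;
            if (!rejectedTicket)
            {
                throw;
            }

            // A tampered or stale cookie is recorded for monitoring and otherwise ignored.
            System.Diagnostics.Trace.TraceWarning("Forms authentication cookie rejected: " + ex.GetType().Name);
            return;
        }

        if (serializeModel == null)
        {
            return;
        }

        // Roles are taken from the ticket, so a role change in the user store only takes
        // effect once a new ticket is issued.
        ImasPrincipal newUser = new ImasPrincipal(authTicket.Name);
        newUser.UserId = serializeModel.UserId;
        newUser.FirstName = serializeModel.FirstName;
        newUser.LastName = serializeModel.LastName;
        newUser.roles = serializeModel.roles;
        context.User = newUser;
    }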

But `authCookie` is null in Global.asax.

  • Why do you construct the cookie manually, when you can just use the FormsAuthentication.SetAuthCookie method? Commented Jan 6, 2015 at 12:12

1 Answer 1


1) Better to use Session.

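2) Try:

`FormsAuthentication.SetAuthCookie`, which builds the ticket and adds the cookie to the response using the `<forms>` settings in web.config,

and:

`FormsAuthentication.GetAuthCookie`, which creates the same cookie without adding it to the response, so it can be adjusted before it is sent.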