0

I have created a login using ASP.NET MVC and I have added a cookie for users who select the "Remember me" option. Below is the code used to add the cookie:

 if (model.LoginViewModel.RememberMe)
 {
    var authTicket = new FormsAuthenticationTicket(
                        1,
                        model.LoginViewModel.Email,
                        DateTime.Now,
                        DateTime.Now.AddMinutes(20), // expiry
                        model.LoginViewModel.RememberMe, //true to remember
                        "",
                        "/");

    //encrypt the ticket and add it to a cookie
    HttpCookie cookie = new HttpCookie(
                           FormsAuthentication.FormsCookieName,
                           FormsAuthentication.Encrypt(authTicket));
    Response.Cookies.Add(cookie);
 }

and I have added this configuration to the web.config as well.

<authentication mode="Forms">
  <forms loginUrl="~/candidate" timeout="2880" />
</authentication>

I still can't see my login details when I go to log in for the second time.

Have I missed something here, or is there any other way to achieve this?

5
  • Is there a particular reason you're not using the helper function for this? FormsAuthentication.SetAuthCookie(model.LoginViewModel.Email, model.LoginViewModel.RememberMe); will use the values you've assigned in the <forms /> section. Commented May 28, 2020 at 5:52
  • @TiesonT. I have tried FormsAuthentication.SetAuthCookie(model.LoginViewModel.Email, model.LoginViewModel.RememberMe); previously, but no luck there. Commented May 28, 2020 at 5:56
  • Unless your site is misconfigured, there's no reason for that not to work. You do need to issue a redirect after creating the auth cookie - it takes effect with the next request. Commented May 28, 2020 at 6:01
  • Worth noting that if this is a new project, FormsAuthentication is normally disabled - there's a different, claims-based method via OWIN that you're expected to use. Commented May 28, 2020 at 6:48
  • @TiesonT. Can you explain to me the method using OWIN for this? Commented May 28, 2020 at 14:20

1 Answer

1

The bare minimum to replicate FormsAuthentication using OWIN would use something similar to this:

using System.Collections.Generic;
using System.Security.Claims;
using System.Web;
//
using Microsoft.AspNet.Identity; // DefaultAuthenticationTypes (Microsoft.AspNet.Identity.Core package)
using Microsoft.Owin.Security;

namespace YourProjectNamespace
{
    public class ClaimsAuthManager
    {
        public void SignIn(string userName, string displayName = "", bool createPersistantLogin = false)
        {
            var claims = new List<Claim>();

            claims.Add(new Claim(ClaimTypes.Name, userName));
            claims.Add(new Claim(ClaimTypes.IsPersistent, createPersistantLogin.ToString()));

            // Fall back to the user name when no display name is supplied.
            claims.Add(new Claim(ClaimTypes.GivenName, string.IsNullOrWhiteSpace(displayName) ? userName : displayName));

            // The authentication type must match the one configured for the OWIN cookie middleware.
            var identity = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);

            // IsPersistent = true asks the middleware for a cookie that survives closing the browser.
            GetAuthenticationContext().SignIn(new AuthenticationProperties { IsPersistent = createPersistantLogin }, identity);
        }

        public void SignOut()
        {
            GetAuthenticationContext().SignOut(DefaultAuthenticationTypes.ApplicationCookie);
        }

        private IAuthenticationManager GetAuthenticationContext()
        {
            // GetOwinContext() is an extension method from Microsoft.Owin.Host.SystemWeb.
            return HttpContext.Current.GetOwinContext().Authentication;
        }
    }
}

Unlike FormsAuthentication, this is not a static/singleton object, so you'd need to either inject it into the controller, or create a new instance each time you wanted to sign the user in or out. Something like this:

new ClaimsAuthManager().SignIn(model.LoginViewModel.Email, null, model.LoginViewModel.RememberMe);
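
The SignIn call in the answer only results in a cookie once the OWIN cookie middleware is registered at startup with the same authentication type. A minimal registration, as an added example that is not part of the original answer: the Startup class name is hypothetical, the login path and 2880-minute lifetime are taken from the question's web.config, and the Microsoft.Owin.Host.SystemWeb, Microsoft.Owin.Security.Cookies and Microsoft.AspNet.Identity.Core packages are assumed to be installed.

```csharp
using System;
using Microsoft.AspNet.Identity;          // DefaultAuthenticationTypes
using Microsoft.Owin;
using Microsoft.Owin.Security.Cookies;
using Owin;

// Tells the OWIN host which class configures the pipeline.
[assembly: OwinStartup(typeof(YourProjectNamespace.Startup))]

namespace YourProjectNamespace
{
    // Hypothetical startup class (assumption: the project has no OWIN Startup yet).
    public class Startup
    {
        public void Configuration(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                // Must equal the authentication type of the ClaimsIdentity passed to
                // SignIn ("ApplicationCookie"); a mismatch means no cookie is issued.
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,

                // Unauthenticated requests are redirected here (the question's loginUrl).
                LoginPath = new PathString("/candidate"),

                // Ticket lifetime. With IsPersistent = true the cookie is written with
                // this expiry; with IsPersistent = false it is a session cookie.
                ExpireTimeSpan = TimeSpan.FromMinutes(2880),
                SlidingExpiration = true,

                // Keep the ticket away from client-side script and off plain HTTP.
                // CookieSecureOption.Always requires the site to be served over HTTPS.
                CookieHttpOnly = true,
                CookieSecure = CookieSecureOption.Always
            });
        }
    }
}
```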