I'm using cookie authentication with OWIN in a .NET MVC 4.5 setup. I set up the cookie authentication configuration in Startup.Auth.cs (code below) and I would like to access the LoginPath that I set in CookieAuthenticationOptions in a controller so that if, for whatever reason, my LoginPath changes, I only need to change it in one place. So just looking for something like
context.GetCookieAuthenticationOptions().LoginPath
Is there a way to access the CookieAuthenticationOptions outside of Startup.Auth.cs, or is my only option here to do something like add an appSetting in Web.config and then use that instead?
Startup.Auth.cs code, I would like to access LoginPath outside of this file.
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("Login"),
SlidingExpiration = true,
ExpireTimeSpan = _expirationTimeSpan,
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromMinutes(30),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager, DefaultAuthenticationTypes.ApplicationCookie))
},
});
The entire cookie-based authentication works in the following manner: The user gives a username and password at the time of login. Once the user fills in the login form, the browser (client) sends a login request to the server. The server verifies the user by querying the user data.
Cookies are represented as key-value pairs, and you can take advantage of the keys to read, write, or delete cookies. ASP.NET Core uses cookies to maintain session state; the cookie that contains the session ID is sent to the client with each request.
There is no direct way to do this. If you look closely, the cookie options object is stored in the AppBuilder
class private _middleware
collection. There is no way to access this property (except reflection).
You can however store the cookieOptions object in the Owin context:
var cookieOptions = new CookieAuthenticationOptions
{
// ...
LoginPath = new PathString("/Account/Login"),
// ...
};
app.UseCookieAuthentication(cookieOptions);
app.CreatePerOwinContext(() => new MyCookieAuthOptions(cookieOptions));
In the controller you can then access it like this:
var cookieOptions = HttpContext.GetOwinContext().Get<MyCookieAuthOptions>().Options;
Owin context only supports IDisposable
object, therefore we need to wrap CookieAuthenticationOptions
in a IDisposable
object:
public class MyCookieAuthOptions : IDisposable
{
public MyCookieAuthOptions(CookieAuthenticationOptions cookieOptions)
{
Options = cookieOptions;
}
public CookieAuthenticationOptions Options { get; }
public void Dispose()
{
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With