Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How DotNetOpenAuth works

I am just getting started using DotNetOpenAuth with an MVC app and I am having it a bit difficult understanding how it actually works.

As far as I understand, DotNetOpenAuth will take care of authenticating a user with Google/Twitter/Facebook (probably after some modification).

What happens afterwards? Is the user authenticated per request? Is the user information saved in a session using IPrincipal, IIdentity? How does it fit together with an MVC application which will store all user information in the application database (custom tables and not the default .NET membership provider ones)?

Also, if you know any good tutorials, documentation on the subject, please share this as well.

Thanks!

like image 701
sTodorov Avatar asked Nov 13 '22 18:11

sTodorov


1 Answers

DotNetOpenAuth only deals with the authentication step -- how you decide to store and recall that authentication ticket is up to you. It is very common to use FormsAuthentication to log the user in:

FormsAuthentication.RedirectFromLoginPage(authResponse.ClaimedIdentifier);

Using this approach, a cookie is sent to the browser and comes in with every request -- just like if you had used the older username/password approach.

You can download a bunch of samples from SourceForge.

like image 181
Andrew Arnott Avatar answered Nov 15 '22 11:11

Andrew Arnott