Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What sets User.Identity.IsAuthenticated in an ASP.NET MVC app?

I'm using the Facebook C# SDK, and I authenticate the user by their Facebook account. Once I've performed all the checks to "authenticate" them, I call FormsAuthentication.SetAuthCookie(email, false);

Does performing that call allow me to have access to User.Identity.IsAuthenticated within my actions? What about if I didn't make that call?

I have some actions that will return different views based on their authentication status, and want to make sure User.Identity.IsAuthenticated is reliable in an MVC 4 app.

like image 478
Chaddeus Avatar asked Aug 10 '12 06:08

Chaddeus


People also ask

How do you set HttpContext user identity for an application manually?

You can achieve this by manually settings HttpContext. User: var identity = new ClaimsIdentity("Custom"); HttpContext. User = new ClaimsPrincipal(identity);

What is Identity Server in ASP NET MVC?

Identity Server is an open source OpenID Connect and OAuth 2.0 framework. It can be used to make your application an authentication / single sign on server. It can also issue access tokens for 3rd party clients.


1 Answers

It is the FormsAuthentication HTTP module that is registered and which executes on each request. This module is automatically registered when you specify mode="Forms" in your web.config's <authentication> tag. It is this same module which intercepts all 401 responses and automatically redirects the user to the LogOn page (which sometimes is not a desired behavior as the end result is HTTP status code of 200).

So to answer your questions:

Does performing that call allow me to have access to User.Identity.IsAuthenticated within my actions? What about if I didn't make that call?

Not exactly. This call only emits the forms authentication cookie to the response. It is the HTTP module which is responsible for intercepting the request and if this request contains the cookie it will set the User.Identity.

like image 55
Darin Dimitrov Avatar answered Nov 05 '22 23:11

Darin Dimitrov