Why does this example call the SignOut for ExternalCookie before signing in with an ApplicationCookie? Is it just a way to make sure the authentication information is clean? (The full example is here: http://www.asp.net/identity/overview/getting-started/introduction-to-aspnet-identity)
private async Task SignInAsync(ApplicationUser user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
var identity = await UserManager.CreateIdentityAsync(
user, DefaultAuthenticationTypes.ApplicationCookie);
AuthenticationManager.SignIn(
new AuthenticationProperties() {
IsPersistent = isPersistent
}, identity);
}
Its basically cleanup, the external cookie should get cleared eventually, its only needed to store the claims returned from google/fb/twitter etc such that app can pull whatever data it needs before signing the user. So SignIn is a good safe place to clear that external data.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With