private HttpCookie GetAuthCookie(UserPrincipal userPrincipal, string principalApplicationKey)
{
//FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,
// userPrincipal.Identity.Name,
// DateTime.Now,
// DateTime.Now.AddMinutes(15),
// false, //pass here true, if you want to implement remember me functionality
// principalApplicationKey,
// FormsAuthentication.FormsCookiePath);
HttpCookie initialCookie = FormsAuthentication.GetAuthCookie(userPrincipal.Identity.Name, false);
FormsAuthenticationTicket initialTicket = FormsAuthentication.Decrypt(initialCookie.Value);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, // version
userPrincipal.Identity.Name, // username
initialTicket.IssueDate, // issue date
initialTicket.Expiration, // expiration
false, // persistance
principalApplicationKey, // user data
FormsAuthentication.FormsCookiePath);
// Build auth cookie
return new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(authTicket));
}
private void Authorize(User dbUser)
{
// Create principal
UserPrincipal principal = new UserPrincipal(dbUser.Username, dbUser.Id,
dbUser.Role.Select(r => r.Name).ToArray());
// Save it to this request and session
string principalApplicationKey = Guid.NewGuid().ToString();
UserPrincipal.CurrentPrincipal = principal;
ControllerContext.HttpContext.Application[principalApplicationKey] = principal;
// Set Forms auth cookie
HttpCookie authCookie = GetAuthCookie(principal, principalApplicationKey);
Response.Cookies.Add(authCookie);
}
