Example #1
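        /// <summary>
        /// Extends the lifetime of the forms-authentication cookie on every authenticated
        /// request (sliding expiration), except for the logout route.
        /// </summary>
        /// <param name="context">The current Nancy request/response context.</param>
        /// <remarks>
        /// The cookie value is re-sent unchanged; only the browser-side expiry moves forward.
        /// NOTE(review): whether the encrypted payload carries its own server-checked expiry
        /// is not visible here. If it does not, a copied cookie value stays valid regardless
        /// of this sliding window, so confirm and consider a server-side session lifetime.
        /// </remarks>
        private void SlidingAuthenticationForFormsAuth(NancyContext context)
        {
            // Anonymous requests have nothing to refresh.
            if (context.CurrentUser == null)
            {
                return;
            }

            // Do not re-issue the cookie on the logout route, otherwise the refreshed cookie
            // would compete with the one the logout handler is expiring.
            if (context.Request.Path.Equals("/logout"))
            {
                return;
            }

            var cookieName = FormsAuthentication.FormsAuthenticationCookieName;

            // Single lookup instead of ContainsKey followed by the indexer.
            string cookieValue;
            if (!context.Request.Cookies.TryGetValue(cookieName, out cookieValue))
            {
                return;
            }

            // The cookie is client-supplied: only refresh it when it still decrypts and
            // validates against the configured keys.
            var validatedIdentifier = FormsAuthentication.DecryptAndValidateAuthenticationCookie(cookieValue, FormsAuthConfig);
            if (!validatedIdentifier.IsNotNullOrWhiteSpace())
            {
                return;
            }

            // HttpOnly stays on. The Secure flag follows the forms-auth configuration rather
            // than being hard-coded to false, so a deployment that requires SSL does not have
            // its Secure attribute stripped the first time the cookie is refreshed.
            var refreshedCookie = new NancyCookie(cookieName, cookieValue, true, FormsAuthConfig.RequiresSSL, DateTime.UtcNow.AddDays(7))
            {
                Path = GetCookiePath()
            };

            context.Response.WithCookie(refreshedCookie);
        }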
Example #2
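        /// <summary>
        /// OWIN middleware entry point: when the request carries a valid forms-authentication
        /// cookie, resolves the user's claims principal and stores it in the environment
        /// under <c>ServerUser</c>, then hands the request to the next component.
        /// </summary>
        /// <param name="environment">The OWIN environment dictionary for the current request.</param>
        /// <returns>The task returned by the next middleware in the pipeline.</returns>
        /// <remarks>
        /// Every failure path (no Cookie header, no auth cookie, ambiguous auth cookies,
        /// cookie that does not validate, payload that is not a GUID) leaves the environment
        /// untouched and continues the pipeline without setting a principal.
        /// </remarks>
        public Task Invoke(IDictionary <string, object> environment)
        {
            var requestHeaders = (IDictionary<string, string[]>)environment["owin.RequestHeaders"];

            string[] cookieHeader;
            if (!requestHeaders.TryGetValue("Cookie", out cookieHeader))
            {
                return _next.Invoke(environment);
            }

            // The Cookie header is client-controlled. SingleOrDefault() would throw when the
            // same auth cookie name is sent more than once, turning a crafted header into an
            // unhandled exception. Ambiguous input is instead treated as "no auth cookie".
            var authCookies = GetFormsAuthCookies(cookieHeader).ToList();
            if (authCookies.Count != 1 || authCookies[0] == null)
            {
                return _next.Invoke(environment);
            }

            // Returns the decrypted payload only when the cookie validates; anything else
            // fails the GUID parse below and leaves the request unauthenticated.
            string user = FormsAuthentication.DecryptAndValidateAuthenticationCookie(authCookies[0].Value, _formsAuthenticationConfiguration);
            Guid   userId;

            if (Guid.TryParse(user, out userId))
            {
                // userId is already a Guid; the original wrapped it in Guid.Parse(), which
                // accepts a string and does not compile against a Guid argument.
                // NOTE(review): a null result from GetClaimsPrincial is stored as-is; confirm
                // downstream components treat a null principal as unauthenticated.
                ClaimsPrincipal claimsPrincipal = _userManager.GetClaimsPrincial(userId);

                // The indexer adds or overwrites, so no ContainsKey/Add branching is needed.
                environment[ServerUser] = claimsPrincipal;
            }

            return _next.Invoke(environment);
        }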
Example #3
        /// <summary>
        /// Round-trip check: a value passed through EncryptAndSignCookie must differ from the
        /// plaintext and must come back unchanged from DecryptAndValidateAuthenticationCookie.
        /// </summary>
        public void encrypted_cookie_can_be_decrypted()
        {
            // Arrange
            const string plainText = "******";

            // Act: protect the value, then reverse the operation.
            string cookieValue = FormsAuthentication.EncryptAndSignCookie(plainText);

            // Assert: the protected form must not simply echo the plaintext.
            Assert.NotEqual(cookieValue, plainText);

            string roundTripped = FormsAuthentication.DecryptAndValidateAuthenticationCookie(cookieValue);

            // Assert: decrypting and validating restores the original value.
            Assert.Equal(plainText, roundTripped);
        }