Exemple #1
        /// <summary>
        /// Resolves a session key to a persona and, when both exist, signs the
        /// current request in under the cookie authentication scheme.
        /// </summary>
        /// <param name="sessionKey">Key handed to the user session manager lookup.</param>
        /// <returns>
        /// <c>true</c> after the cookie sign-in has been issued; <c>false</c> when the
        /// key yields no session data or no persona matches it (nothing is signed in).
        /// </returns>
        private async Task<bool> AuthenticateUser(string sessionKey)
        {
            // NOTE(review): the session key is the only credential checked in this
            // method. Whether the lookup rejects expired or revoked keys is not
            // visible here; confirm in the session manager.
            var sessionData = _userSessionManager.GetUserSessionDataForKey(sessionKey);
            if (sessionData == null)
            {
                return false;
            }

            // SingleOrDefaultAsync gives null when nothing matches and throws when
            // more than one row matches.
            var matchedPersona = await _dbContext.Personas.SingleOrDefaultAsync(x => x.Id == sessionData.PersonaId);
            if (matchedPersona == null)
            {
                return false;
            }

            var scheme = CookieAuthenticationDefaults.AuthenticationScheme;

            // The identity carries exactly two claims: the persona id and its username.
            var identity = new ClaimsIdentity(
                new[]
                {
                    new Claim(ClaimTypes.NameIdentifier, Convert.ToString(matchedPersona.Id)),
                    new Claim(ClaimTypes.Name, matchedPersona.Username),
                },
                scheme);

            // No per-ticket overrides are set (AllowRefresh, ExpiresUtc, IsPersistent,
            // IssuedUtc and RedirectUri are all left unset). An ExpiresUtc value set
            // here would override the ExpireTimeSpan option configured with AddCookie,
            // so ticket lifetime is governed by that cookie configuration instead.
            var ticketProperties = new AuthenticationProperties();

            await HttpContext.SignInAsync(scheme, new ClaimsPrincipal(identity), ticketProperties);

            return true;
        }