/// <summary> /// Creates the Umbraco authentication ticket, this will look up the associated User /// for the supplied username in Hive /// </summary> /// <param name="http">The HTTP.</param> /// <param name="username">The username.</param> /// <param name="appContext">The app context.</param> public static void CreateUmbracoAuthTicket(this HttpContextBase http, string username, IUmbracoApplicationContext appContext) { using (var uow = appContext.Hive.OpenWriter <ISecurityStore>(new Uri("security://users"))) { var user = BackOfficeMembershipProvider.GetUmbracoUser(appContext, uow, username, false); if (user == null) { throw new NullReferenceException("No User found with username " + username); } http.CreateUmbracoAuthTicket(user); } }
/// <summary> /// Creates the Umbraco authentication ticket /// </summary> /// <param name="http"></param> /// <param name="user"></param> public static void CreateUmbracoAuthTicket(this HttpContextBase http, User user) { var roles = Roles.Providers.GetBackOfficeRoleProvider().GetRolesForUser(user.Username); var userData = new UserData { Id = user.Id.ToString(), Roles = roles, SessionTimeout = user.SessionTimeout, Username = user.Username, RealName = user.Name, StartContentNode = user.StartContentHiveId.IsNullValueOrEmpty() ? HiveId.Empty.ToString() : user.StartContentHiveId.ToString(), StartMediaNode = user.StartMediaHiveId.IsNullValueOrEmpty() ? HiveId.Empty.ToString() : user.StartMediaHiveId.ToString(), AllowedApplications = user.Applications.ToArray() }; http.CreateUmbracoAuthTicket(userData); }
public virtual FormsAuthenticationTicket PerformLogin(IUser user) { //clear the external cookie - we do this first without owin context because we're writing cookies directly to httpcontext // and cookie handling is different with httpcontext vs webapi and owin, normally we'd just do: //_httpContext.GetOwinContext().Authentication.SignOut(Constants.Security.BackOfficeExternalAuthenticationType); var externalLoginCookie = _httpContext.Request.Cookies.Get(Constants.Security.BackOfficeExternalCookieName); if (externalLoginCookie != null) { externalLoginCookie.Expires = DateTime.Now.AddYears(-1); _httpContext.Response.Cookies.Set(externalLoginCookie); } //ensure it's done for owin too _httpContext.GetOwinContext().Authentication.SignOut(Constants.Security.BackOfficeExternalAuthenticationType); var ticket = _httpContext.CreateUmbracoAuthTicket(Mapper.Map <UserData>(user)); return(ticket); }