/// <summary>
/// Authenticates the request by reading the FormsAuthentication cookie and setting the
/// context and thread principle object
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
static void AuthenticateRequest(object sender, EventArgs e)
{
var app = (HttpApplication)sender;
var http = new HttpContextWrapper(app.Context);
//we need to determine if the path being requested is an umbraco path, if not don't do anything
var settings = UmbracoSettings.GetSettings();
var backOfficeRoutePath = string.Concat(settings.UmbracoPaths.BackOfficePath, "/");
var installerRoutePath = string.Concat("Install", "/");
var routeUrl = "";
var routeData = RouteTable.Routes.GetRouteData(http);
if (routeData != null)
{
var route = routeData.Route as Route;
if (route != null)
{
routeUrl = route.Url;
}
}
if (routeUrl.StartsWith(installerRoutePath, StringComparison.InvariantCultureIgnoreCase) ||
routeUrl.StartsWith(backOfficeRoutePath, StringComparison.InvariantCultureIgnoreCase))
{
if (app.Context.User == null)
{
if (app.User != null)
{
//set the principal object
app.Context.User = app.User;
Thread.CurrentPrincipal = app.User;
}
else
{
var ticket = http.GetUmbracoAuthTicket();
if (ticket != null && !ticket.Expired && http.RenewUmbracoAuthTicket())
{
//create the Umbraco user identity
var identity = new UmbracoBackOfficeIdentity(ticket);
//set the principal object
var principal = new GenericPrincipal(identity, identity.Roles);
app.Context.User = principal;
Thread.CurrentPrincipal = principal;
}
}
}
}
}