protected virtual void ConfigureAuthBuilder(AuthenticationBuilder authBuilder) { var allUserAreas = _userAreaDefinitionRepository.GetAll(); foreach (var userArea in allUserAreas) { var cookieNamespace = _authCookieNamespaceProvider.GetNamespace(userArea.UserAreaCode); var scheme = AuthenticationSchemeNames.UserArea(userArea.UserAreaCode); var options = new UserAreaSchemeRegistrationOptions(userArea, scheme, cookieNamespace); ConfigureUserAreaScheme(authBuilder, options); } }
/// <summary> /// This method is called for each user area registered in Cofoundry. The default implementation /// adds a cookie authentication scheme, using <see cref="ConfigureCookieOptions"/> to configure /// the cookie options. Override this if you want to completely customize the configuration of /// an authentication scheme e.g. replacing cookie authentication. /// </summary> /// <param name="authenticationBuilder">The builder to add the user area authentication scheme to.</param> /// <param name="schemeRegistrationOptions">Parameters that can be used to configure the authentication scheme.</param> protected virtual void ConfigureUserAreaScheme(AuthenticationBuilder authenticationBuilder, UserAreaSchemeRegistrationOptions schemeRegistrationOptions) { authenticationBuilder .AddCookie(schemeRegistrationOptions.Scheme, cookieOptions => { ConfigureCookieOptions(cookieOptions, schemeRegistrationOptions); }); }
/// <summary> /// Configures the cookie options for a cookie-based user area authentication scheme. /// Override this to customize the default cookie settings used by Cofoundry. /// </summary> /// <param name="cookieOptions">Options to be configured.</param> /// <param name="schemeRegistrationOptions">Parameters that can be used to configure the authentication scheme.</param> protected virtual void ConfigureCookieOptions(CookieAuthenticationOptions cookieOptions, UserAreaSchemeRegistrationOptions schemeRegistrationOptions) { cookieOptions.Cookie.Name = schemeRegistrationOptions.CookieNamespace + schemeRegistrationOptions.UserArea.UserAreaCode; cookieOptions.Cookie.HttpOnly = true; cookieOptions.Cookie.IsEssential = true; cookieOptions.Cookie.SameSite = SameSiteMode.Lax; cookieOptions.Events.OnValidatePrincipal = ValidateCookiePrincipal; if (!string.IsNullOrWhiteSpace(schemeRegistrationOptions.UserArea.SignInPath)) { cookieOptions.LoginPath = schemeRegistrationOptions.UserArea.SignInPath; } else { cookieOptions.Events.OnRedirectToLogin = DefaultSignInRedirectAction; } cookieOptions.Events.OnRedirectToAccessDenied = DefaultDenyAction; }