public CookieIdentity GetCurrentUser()
{
var name = HttpContext.Current.User.Identity.Name;
var authCookie = _cookieManager.Get(CoreConstants.Authentication.IdentityCookieName);
if (name.IsNullOrEmpty() || authCookie.IsNullOrEmpty())
{
return(SignInGuest());
}
var authIdentity = CookieIdentity.Decode(authCookie);
//make sure the identity cookie has not been hacked
if (authIdentity.Email.ToLowerInvariant().Trim() == name.ToLowerInvariant().Trim())
{
return(authIdentity);
}
return(SignInGuest());
}
