private void Authorize(User dbUser)
{
// Create principal
UserPrincipal userPrincipal = new UserPrincipal(dbUser.Username, dbUser.Id, dbUser.IsManager);
// Save it to this request and session
string principalApplicationKey = Guid.NewGuid().ToString();
UserPrincipal.CurrentPrincipal = userPrincipal;
ControllerContext.HttpContext.User = userPrincipal;
ControllerContext.HttpContext.Application[principalApplicationKey] = userPrincipal;
// Set Forms auth cookie
HttpCookie authCookie = GetAuthCookie(userPrincipal, principalApplicationKey);
Response.Cookies.Add(authCookie);
}
private HttpCookie GetAuthCookie(UserPrincipal userPrincipal, string principalApplicationKey)
{
HttpCookie initialCookie = FormsAuthentication.GetAuthCookie(userPrincipal.Identity.Name, false);
FormsAuthenticationTicket initialTicket = FormsAuthentication.Decrypt(initialCookie.Value);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, // version
userPrincipal.Identity.Name, // username
initialTicket.IssueDate, // issue date
initialTicket.Expiration, // expiration
false, // persistance
principalApplicationKey, // user data
FormsAuthentication.FormsCookiePath);
// Build auth cookie
return new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(authTicket));
}
