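/// <summary>
/// Authenticates the user in the application using cookieModel.
/// </summary>
/// <remarks>
/// Issues a forms-authentication ticket whose UserData is the hex-encoded, serialized
/// <paramref name="cookieModel"/>, writes it to the response as an HttpOnly cookie and
/// assigns the matching principal to the current request. This method performs no
/// credential check of its own.
/// </remarks>
/// <param name="cookieModel">Model serialized into the ticket and used to build the principal.</param>
/// <param name="rememberMe">
/// When true the ticket and cookie are persistent. A persistent ticket already present in
/// the request cookie has the same effect.
/// </param>
private void Authenticate(AuthorizationCookieModel cookieModel, bool rememberMe = false)
{
    HttpContext context = HttpContext.Current;
    AuthenticationSection config = (AuthenticationSection)context.GetSection("system.web/authentication");

    // Carry the "remember me" state over from a ticket the browser already holds.
    bool isRememberMePreviousCookie = false;
    HttpCookie authCookie = context.Request.Cookies[_cookieName];
    if (authCookie != null && !string.IsNullOrEmpty(authCookie.Value))
    {
        // The cookie value is client-controlled. A stale, truncated or tampered value must not
        // abort the sign-in, so a ticket that cannot be decrypted is treated as absent.
        try
        {
            FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
            if (authTicket != null)
            {
                // NOTE(review): the ticket's Expired flag and owner are not checked here, so an
                // expired persistent ticket, or one issued to another user, presumably still
                // makes the new ticket persistent - confirm this is intended.
                isRememberMePreviousCookie = authTicket.IsPersistent;
            }
        }
        catch (ArgumentException)
        {
            // Malformed ticket: ignore the previous cookie.
        }
        catch (HttpException)
        {
            // Ticket failed validation: ignore the previous cookie.
        }
        catch (System.Security.Cryptography.CryptographicException)
        {
            // Ticket could not be decrypted: ignore the previous cookie.
        }
    }

    bool isPersistent = rememberMe || isRememberMePreviousCookie;

    // Read the clock once so the issue date and the expiration are derived from the same instant.
    DateTime issuedAt = DateTime.Now;
    DateTime expirationDate = isPersistent
        ? issuedAt.AddDays(AppConfigManager.RememberMeExpirationTimeFrameInDays)
        : issuedAt.AddMinutes(config.Forms.Timeout.TotalMinutes);

    //todo: move to separate method
    // Hex encoding doubles the serialized size; the encrypted ticket still has to fit in a cookie.
    string cookieBody;
    using (MemoryStream ms = new MemoryStream())
    {
        Serializer.Serialize(ms, cookieModel);
        cookieBody = BytesToHexString(ms.ToArray());
    }

    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        1,
        cookieModel.UserId.ToString(CultureInfo.InvariantCulture),
        issuedAt,
        expirationDate,
        isPersistent,
        cookieBody,
        FormsAuthentication.FormsCookiePath);

    // Confidentiality and integrity of the ticket, including the serialized model in UserData,
    // rest on the forms "protection" setting and the machine key used by Encrypt.
    string encryptedTicket = FormsAuthentication.Encrypt(ticket);
    HttpCookie cookie = new HttpCookie(_cookieName, encryptedTicket)
    {
        HttpOnly = true,
        // Honor requireSSL from the forms configuration so the ticket is not sent over plain HTTP
        // on sites that demand TLS. The value stays false when requireSSL is not enabled.
        Secure = FormsAuthentication.RequireSSL
    };

    // Only a persistent login gets an explicit expiry; otherwise this is a session cookie.
    if (isPersistent)
    {
        cookie.Expires = expirationDate;
    }

    // Clear() drops every cookie already queued on this response, not only the auth cookie.
    context.Response.Cookies.Clear();
    context.Response.Cookies.Add(cookie);

    AssignPrincipal(cookieModel);
}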
/// <summary>
/// Builds a principal from <paramref name="cookieModel"/> and installs it on both the
/// current HTTP context and the current thread.
/// </summary>
/// <param name="cookieModel">Model converted into the identity that backs the principal.</param>
private static void AssignPrincipal(AuthorizationCookieModel cookieModel)
{
    OptionsPlayIdentity userIdentity = cookieModel.ToOptionsPlayIdentity();
    OptionsPlayPrincipal userPrincipal = new OptionsPlayPrincipal(userIdentity, userIdentity.Role);

    // Set both, in this order, so code that reads either the context user or the
    // thread principal observes the same principal.
    HttpContext.Current.User = userPrincipal;
    Thread.CurrentPrincipal = userPrincipal;
}
/// <summary>
/// Authenticates the user in the application.
/// </summary>
/// <remarks>
/// Converts <paramref name="user"/> to its cookie model and delegates to the cookie-model
/// overload. No credential check happens here.
/// </remarks>
/// <param name="user">User to sign in.</param>
/// <param name="rememberMe">When true a persistent login is requested.</param>
public void Authenticate(User user, bool rememberMe = false)
{
    AuthorizationCookieModel model = user.ToAuthorizationCookieModel();

    Authenticate(model, rememberMe);
}