protected void Application_AuthenticateRequest(object sender, EventArgs evt) { // Get context for token, redirect if no match IUserSessionService sessionService = UserSessionService; string token = GetToken(); UserContext userContext = token == null ? null : sessionService.GetLoggedInUser(token); if (userContext == null) { ClearToken(); return; } Context.User = userContext; Thread.CurrentPrincipal = userContext; }