When a user signs in, I'm able to create a new cookie cookie and send it back to their browser. However, no user is being set when I call SignInAsync.
Here is where I'm setting the cookie.
var claims = new List<Claim>
{
new Claim(ClaimTypes.NameIdentifier, authRequest.UserName),
new Claim(ClaimTypes.Name, authRequest.UserName),
new Claim(ClaimTypes.Email, "TestClaim@Test.com")
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
AllowRefresh = true,
ExpiresUtc = DateTimeOffset.UtcNow.AddDays(1),
IsPersistent = true,
IssuedUtc = DateTimeOffset.UtcNow
};
await this._httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties).ConfigureAwait(true);
I have no idea what is happening once SignInAsync is called, but it's setting the options in my startup.cs. When I try to relogin with the user and they send the cookie, the httpcontext.User of the request is still anonymous user. Any help would be appreciated!
Note : In the Configure method, use the UseAuthentication method to invoke the Authentication Middleware that sets the
HttpContext.User property. Call the UseAuthentication method before calling
UseMvcWithDefaultRoute or UseMvc
Best Regards ,
Sherry
MSDN Community Support
Please remember to click "Mark as Answer" the responses that resolved your issue.
If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.
By Anonymous user, I meant when the login request with the cookie gets sent in and a new httpcontext is created, the User sending the request does not have any claims associated with them, or their identity.
(May need to open the image in a new tabl for it to show, not sure).
I had the AddAuthentication after AddMVC(), but still no luck after moving the AddMVC after AddAuthentication.
Edit: FIXED IT!
I missed the app.UseAuthentication() line in startup.cs!! Thank you so much for the help!
Member
1 Points
3 Posts
How does cookie authentication in identity framework work?
Jul 02, 2019 06:55 PM|mavendano|LINK
When a user signs in, I'm able to create a new cookie cookie and send it back to their browser. However, no user is being set when I call SignInAsync.
Here is where I'm setting the cookie.
var claims = new List<Claim> { new Claim(ClaimTypes.NameIdentifier, authRequest.UserName), new Claim(ClaimTypes.Name, authRequest.UserName), new Claim(ClaimTypes.Email, "TestClaim@Test.com") }; var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { AllowRefresh = true, ExpiresUtc = DateTimeOffset.UtcNow.AddDays(1), IsPersistent = true, IssuedUtc = DateTimeOffset.UtcNow }; await this._httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties).ConfigureAwait(true);Here is my startup.cs file options:
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { options.Cookie.Name = "MyCookie.Identity"; options.Cookie.Expiration = TimeSpan.FromDays(1); });I have no idea what is happening once SignInAsync is called, but it's setting the options in my startup.cs. When I try to relogin with the user and they send the cookie, the httpcontext.User of the request is still anonymous user. Any help would be appreciated!
Participant
1480 Points
451 Posts
Re: How does cookie authentication in identity framework work?
Jul 03, 2019 06:33 AM|Sherry Chen|LINK
Hi mavendano ,
What does the "anonymous user " mean? What do you expect to be, and what are you actually getting?
I made a test demo , but it worked . Could you share some complete code or screenshots of the results?
Check if you add app.UseAuthentication(); with correct order in Configure method like below :
app.UseHttpsRedirection(); app.UseStaticFiles(); app.UseCookiePolicy(); app.UseAuthentication(); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller=Home}/{action=Index}/{id?}"); });Note : In the Configure method, use the UseAuthentication method to invoke the Authentication Middleware that sets the HttpContext.User property. Call the UseAuthentication method before calling UseMvcWithDefaultRoute or UseMvc
Best Regards ,
Sherry
Please remember to click "Mark as Answer" the responses that resolved your issue.
If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.
Member
1 Points
3 Posts
Re: How does cookie authentication in identity framework work?
Jul 03, 2019 02:24 PM|mavendano|LINK
Hi Sherry,
Thanks for the reply! Here is my startup.cs configuration.
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { options.Cookie.Name = "PangaeaService.Identity"; options.Cookie.Expiration = TimeSpan.FromDays(1); }); // Add SAML SSO Service services.AddSaml(Configuration.GetSection("SAML")); services.AddMvc().AddJsonOptions(options => { options.SerializerSettings.Converters.Add(new StringEnumConverter()); options.SerializerSettings.NullValueHandling = NullValueHandling.Ignore; });By Anonymous user, I meant when the login request with the cookie gets sent in and a new httpcontext is created, the User sending the request does not have any claims associated with them, or their identity.
(May need to open the image in a new tabl for it to show, not sure).
I had the AddAuthentication after AddMVC(), but still no luck after moving the AddMVC after AddAuthentication.
Edit: FIXED IT!
I missed the app.UseAuthentication() line in startup.cs!! Thank you so much for the help!