Last post Mar 16, 2016 10:36 AM by Mikesdotnetting
Mar 15, 2016 05:56 PM|sudip_inn|LINK
suppose i have project in mvc 5. few controllers are protected means only authenticated user can access those controllers. after authentication when user access protected controller then which code check the auth cookie or token is valid or not. i found
no code in mvc 5 project which check every time the auth cookie or token is valid or not when user access protected controller after authentication.
so please paste and highlight the area in code which does the job.
in mvc 5 project after authentication auth cookie is send to client or auth token is send to client ? please answer. thanks
Mar 16, 2016 07:56 AM|Mikesdotnetting|LINK
AuthorizeAttribute class includes this code:
IPrincipal user = httpContext.User;
Once the user has been authenticated, an authorisation cookie is sent to the client, which is then passed back and forth with every request until it expires. At that point, the user is no longer authenticated.
Mar 16, 2016 08:28 AM|sudip_inn|LINK
when this HttpContext.User.Identity.IsAuthenticated line of code capable to know that is user is authenticated or not then why
AuthorizeAttribute class use IPrincipal ?
any idea. please share. thanks
Mar 16, 2016 10:36 AM|Mikesdotnetting|LINK
The "user" variable is used a few more times elsewhere in the method (where I put ... to indicate that there is more code which isn't relevant to your question), so it saves typing the long version again and again.