How to add custom data to auth cookie when working with identity and roles

  • Question

  • User264732274 posted

    Suppose I want to attach the logged-in user's last pwd change date to the auth cookie during the login process. Show me how I can do it, and also tell me how to read back the last pwd change date from the auth cookie.

    Please provide a code example. Thanks.

    Wednesday, September 21, 2016 9:02 PM

Answers

  • User283571144 posted

    Hi sudip_inn,

    Suppose I want to attach the logged-in user's last pwd change date to the auth cookie during the login process. Show me how I can do it, and also tell me how to read back the last pwd change date from the auth cookie.

    As far as I know, OWIN authentication provides a method which could add a custom cookie as you wished.

    That is a claim.

    You could create the set of claims to represent the identity of the user and create a ClaimsIdentity from the claims.

    And in the app.UseCookieAuthentication method, OWIN will add this set of claims into the auth cookie.

    So, I suggest you could use the ApplicationUserManager.AddClaimAsync method to add the claim (one part of the auth cookie).

    For more details, you could refer to the following code:

    Controller:

        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // This doesn't count login failures towards account lockout
            // To enable password failures to trigger account lockout, change to shouldLockout: true
            var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
            switch (result)
            {
                case SignInStatus.Success:
                    // Look up the user who has just signed in
                    var user = await UserManager.FindByNameAsync(model.Email);
                    // Store a claim for that user; "ChangePassowrdTime" is a placeholder value
                    await UserManager.AddClaimAsync(user.Id, new Claim("Date", "ChangePassowrdTime"));
                    return RedirectToLocal(returnUrl);
                case SignInStatus.LockedOut:
                    return View("Lockout");
                case SignInStatus.RequiresVerification:
                    return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
                case SignInStatus.Failure:
                default:
                    ModelState.AddModelError("", "Invalid login attempt.");
                    return View(model);
            }
        }

    In the Home Controller (get the claim):

        public ActionResult About()
        {
            ViewBag.Message = "Your application description page.";
            ViewBag.ImgPath = "123";
            var userId = User.Identity.GetUserId();
            ApplicationUserManager UserManager = HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
            // Load the user's claims and pick the one added at login
            var claims = UserManager.GetClaims(userId);
            var someClaim = claims.FirstOrDefault(c => c.Type == "Date");
            // FirstOrDefault returns null when the user has no "Date" claim
            ViewBag.Email = someClaim != null ? someClaim.Value : null;
            return View();
        }

    Best Regards,

    Brando

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, September 22, 2016 7:24 AM
  • User283571144 posted

    Hi sudip_inn,

    Just tell me how to write the below code in one of the functions: a) FormsAuthentication_OnAuthenticate b) Application_PostAuthenticateRequest?

    As far as I know, both functions need to be added in the Global.asax file.

    And it could read the identity.

    For more details, you could refer to the following code and image:

        protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
        {
            var userId = User.Identity.GetUserId();
            if (userId != null)
            {
                ApplicationUserManager UserManager = Request.GetOwinContext().GetUserManager<ApplicationUserManager>();
                var claims = UserManager.GetClaims(userId);
                var someClaim = claims.FirstOrDefault(c => c.Type == "E-mail");
            }
        }

    Result:

    Best Regards,

    Brando

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, September 26, 2016 8:09 AM
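
Added example, not code from either answer above: a claim placed on the ClaimsIdentity before sign-in travels inside the auth cookie and can be read back from the current principal, which covers both the login-time write from the first answer and the Application_PostAuthenticateRequest read from the second. The claim type name, the helper class and the sample date are assumptions made for illustration.

```csharp
using System;
using System.Globalization;
using System.Security.Claims;
using System.Security.Principal;

public static class PasswordChangeClaim
{
    // Hypothetical claim type; pick one name and use it for both write and read.
    public const string Type = "urn:example:last-password-change-utc";

    // Write side: call on the ClaimsIdentity before it is signed in (in the MVC 5
    // template, inside ApplicationUser.GenerateUserIdentityAsync) so the value is
    // serialized into the cookie ticket.
    public static void AddTo(ClaimsIdentity identity, DateTime changedUtc)
    {
        var existing = identity.FindFirst(Type);
        if (existing != null) identity.RemoveClaim(existing); // keep a single value
        identity.AddClaim(new Claim(Type,
            changedUtc.ToUniversalTime().ToString("o", CultureInfo.InvariantCulture),
            ClaimValueTypes.DateTime));
    }

    // Read side: works on a controller's User or on HttpContext.Current.User in
    // Application_PostAuthenticateRequest. Returns false instead of throwing when
    // the caller is anonymous or the claim is absent or malformed.
    public static bool TryRead(IPrincipal user, out DateTime changedUtc)
    {
        changedUtc = default(DateTime);
        var identity = user?.Identity as ClaimsIdentity;
        if (identity == null || !identity.IsAuthenticated) return false;
        var claim = identity.FindFirst(Type);
        return claim != null && DateTime.TryParseExact(claim.Value, "o",
            CultureInfo.InvariantCulture, DateTimeStyles.RoundtripKind, out changedUtc);
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed identity standing in for the one rebuilt from the cookie.
        var identity = new ClaimsIdentity("ApplicationCookie");
        PasswordChangeClaim.AddTo(identity, new DateTime(2016, 9, 1, 8, 30, 0, DateTimeKind.Utc));
        DateTime changed;
        bool found = PasswordChangeClaim.TryRead(new ClaimsPrincipal(identity), out changed);
        Console.WriteLine(found ? changed.ToString("o") : "claim missing");
        Console.WriteLine(PasswordChangeClaim.TryRead(new ClaimsPrincipal(), out changed)); // anonymous
    }
}
```

A value carried in the cookie is a snapshot taken at sign-in; it stays unchanged until the user signs in again or the identity is regenerated.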

All replies

  • User264732274 posted

    Just tell me how to write the below code in one of the functions: a) FormsAuthentication_OnAuthenticate b) Application_PostAuthenticateRequest?

        var userId = User.Identity.GetUserId();
        ApplicationUserManager UserManager = HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
        var claims = UserManager.GetClaims(userId);
        var someClaim = claims.FirstOrDefault(c => c.Type == "Date");

    protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
    {

    }

    protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
    {

    }

    Can we read the identity from FormsAuthentication_OnAuthenticate or Application_PostAuthenticateRequest?

    Please let me know. If possible, give me fresh working code where you show reading the identity from any one of the functions.

    I heard about these two functions from this URL: http://www.codeproject.com/Articles/578374/AplusBeginner-splusTutorialplusonplusCustomplusF

    Thanks

    Thursday, September 22, 2016 12:03 PM