locked
Azure IsAuthenticated false solved and then GetUserId empty RRS feed

  • Question

  • User757822128 posted

    I have been developing my ASP.NET for four years, finally getting to the release point deploying to Azure. It has worked fine on GoDaddy. Previously, I struggled with authentication and forms, finally getting a solution that removes FormsAuthentication, verifies with signinManager.PasswordSignIn(), and setsFormsAuthentication.SetAuthCookie(loginName, true) to get the User and IsAuthenticated both set. The all works fine on my box, GoDaddy, and initially on Azure.  I develop using Visual Studio 2017 with .Net Framework 4.7.02556.

    What I need in each aspx is IsAuthenticated to be correct and to get the user id.

    After some number of days or logins on Azure, verification continued to work but IsAuthenticated was always false. Off to the forums for help. The first time this happened I removed the web app and redeployed it, it worked again. Then again after 4 days, verification worked but IsAuthenticated failed. I decided re-deploying every 3 or 4 days was not really an option.  I now after much Googling I have it working with the following changes.

    In web.config, I got rid of removing FormsAuthentication.

    <configuration>
      <system.webServer>
        <validation validateIntegratedModeConfiguration="false" />
          <modules runAllManagedModulesForAllRequests="true">
            <!--<remove name="FormsAuthentication" />-->

    I added a location for each of my 3 login aspx pages. Not sure if this matters but it is what the possible fix said to do and seems fine.

    <configuration>
      <location path="~/Account/Login.aspx" allowOverride="true">
        <system.web>
          <authorization>
            <allow users="*"/>
          </authorization>
        </system.web>
      </location>  ...

    I changed authentication from None to Forms.

    <configuration>
      <system.web>
        <authentication mode="Forms"/>

    These changes result in IsAuthenticated being correct,  though GetUserId() is null on both development and Azure, but on my box

    userId = Context.User.Identity.GetUserId<string>();

    returns the user id (quite odd GetUserId() does not).  I fixed Azure by changing SetAuthCookie from the login name to the user id.

     SignInStatus result = signinManager.PasswordSignIn(LoginEmail.Text, password, RememberMe.Checked, false);
    switch (result) {
    case SignInStatus.Success:
    ApplicationUser user = signinManager.UserManager.FindByName(LoginEmail.Text);
    //FormsAuthentication.SetAuthCookie(LoginEmail.Text, true); - the normal setting
    FormsAuthentication.SetAuthCookie(user.Id, true);

     Now on Azure,

         string userId = Context.User.Identity.Name;

    sets the the user id - all is working avoiding Context.User which is not working.  On my development box, context.User.Identity.Name contains the login name still (huh?), but context.User.Identity.GetUserId<string>() still gives the user id. 

            public static string GetUserId(HttpContext context)
            {
                string userId = context.User.Identity.Name;
    
                if (Helper.IsEmpty(userId) || userId.Contains("@") || userId.Length != GUID_LENGTH) {
                    Debug.Log("GetUserId did not find an id in context.User.Identity.Name, try context.User.Identity.GetUserId, Identity.Name = " + (Helper.IsEmpty(userId) ? "NULL" : userId));
                    userId = context.User.Identity.GetUserId<string>();
    
                    if (Helper.IsEmpty(userId)) {
                        userId = context.User.Identity.GetUserId();
    
                        if (Helper.IsEmpty(userId) && !Helper.IsEmpty(context.User.Identity.Name)) {
                            userId = DataService.Factory().GetUserIdFromLoginName(context.User.Identity.Name);
                        }
                    }
    
                    if (Helper.IsEmpty(userId)) {
                        throw new Exception("Request validated but context.User.Identity.GetUserId(), context.User.Identity.GetUserId<string>() and context.User.Identity.Name all did not give a user id, Identity.Name = " + (Helper.IsEmpty(userId) ? "NULL" : userId));
                    }
                }
                return userId;
            }

    I have a working solution that is inconsistent on Azure verses my development box, and inconsistent within itself partcially working with unpredicted values.   I do not want different code for Azure, though of course I must accept it here and there.  My solution was cobbled together from several different forum suggestions for searches with IsAuthenticated false and GetUserId() is null.

    My question is, why are they behaving differently?

    Secondly, why did the behaviour on Azure authentication change after 4 days? Will it change again in 15 days? Non-deterministic behaviour in programming is confusing and worrisome.

    Monday, March 12, 2018 6:05 PM

All replies

  • User283571144 posted

    Hi George,

    My question is, why are they behaving differently?

    Secondly, why did the behaviour on Azure authentication change after 4 days? Will it change again in 15 days? Non-deterministic behaviour in programming is confusing and worrisome.

    According to your description, I couldn't directly find the reason why you face this issue.

    Do you use owin for form-authentication now?

    If possible I suggest you could try to share the code about how to you implement the authentication or directly share a github for us to test.

    Best Regards,

    Brando

    Tuesday, March 13, 2018 6:32 AM