c# - Authentication state in ASP.NET MVC ActionFilters -
i have actionfilter name of log log user ip , other details when user login website work write following code:
public class log : actionfilterattribute { public iappusermanager usermanager { get; set; } public override void onresultexecuted(resultexecutedcontext filtercontext) { var status = filtercontext.controller.tempdata.any(pair => pair.key == "status" && (int)pair.value == 200); if (filtercontext.httpcontext.user != null && filtercontext.httpcontext.user.identity.isauthenticated && status) { var logip = new addipaddressdto() { browser = filtercontext.httpcontext.request.getbrowser(), ip = filtercontext.httpcontext.request.getip(), os = filtercontext.httpcontext.request.useragent.getos(), urlreferrer = filtercontext.httpcontext.request.urlreferrer?.tostring(), userid = guid.parse(filtercontext.httpcontext.user.identity.getuserid()), username = filtercontext.httpcontext.user.identity.getusername(), }; usermanager.log(logip); } base.onresultexecuted(filtercontext); } } this code work when filtercontext.httpcontext.user.identity.isauthenticated ture.
the log filter declare on login action:
[allowanonymous] [route("sign-in", name = "signinroute")] [httppost, validateantiforgerytoken] [log] public virtual async task<actionresult> login(logindto login, string returnto) { var signinstatus = await _signinmanager .passwordsigninasync(user.username, login.password, login.rememberme, true) .configureawait(false); switch (signinstatus) // success { case signinstatus.success: tempdata["status"] = 200; return redirecttolocal(returnto); case signinstatus.lockedout: // todo return time of louckout break; case signinstatus.requiresverification: return redirecttoaction("confirmemail"); case signinstatus.failure: return view(cleanpasswordinlogin(login)); default: throw new argumentoutofrangeexception(); } } login action works fine , signinstatus success after excuted action isauthenticated false.
to solve issue i've tried following items:
- used
httpcontext.current.getowincontext(); defined following code in ioc (structuremap 4.5.2)
config.for<httpcontextbase>().use(() => new httpcontextwrapper(httpcontext.current));tried
onactionexecuted,onactionexecuting,onresultexecuting- used
iauthenticationmanagerin identity 2.0
how can solve issue?
after execution of signinmanager.passwordsigninasync, authentication cookie created includes user info. user.identity info filled claims authentication cookie, not parsed yet (this cookie parsed in second request server, not in same login request). that's why can't use user.identity after passwordsigninasync. @ specific point, have 1 option find userid:
string userid = usermanager.findbyname(model.email)?.id;
Comments
Post a Comment