MVCAuthenticationTicket UserData Update Tool at Run Time

I am writing an MVC 4 web application with custom authentication and authorization. When a user logs in to the site, I create a FormsAuthenticationTicket and save it in a cookie:

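public void SignIn(string userName, bool createPersistentCookie, string UserData)
{
    if (String.IsNullOrEmpty(userName)) throw new ArgumentException("Value cannot be null or empty.", "userName");

    // Create the ticket; UserData carries "UserID|UserRole|UserRole..."
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddDays(15), createPersistentCookie, UserData);
    // Encrypt the ticket.
    string encTicket = FormsAuthentication.Encrypt(authTicket);

    // Create the cookie; keep it away from client script and honour requireSSL.
    HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
    faCookie.HttpOnly = true;
    faCookie.Secure = FormsAuthentication.RequireSSL;
    // Without Expires the browser drops the cookie at session end, even for a persistent ticket.
    if (createPersistentCookie) faCookie.Expires = authTicket.Expiration;
    HttpContext.Current.Response.Cookies.Add(faCookie);
}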

The string UserData will be a pipe-delimited string and will always contain at least two elements: UserID | UserRole. A user can be assigned to one or more roles, so UserData may look like this: UserID | UserRole | UserRole | UserRole

Then I have my own handler in Global.asax:

protected void Application_AuthenticateRequest(Object sender, EventArgs e)
{
    // Get the authentication cookie
    string cookieName = FormsAuthentication.FormsCookieName;
    HttpCookie authCookie = Context.Request.Cookies[cookieName];

    // If the cookie can't be found, don't issue the ticket
    if (authCookie == null) return;

    // Get the authentication ticket and rebuild the principal
    // & identity
    FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);

    // Leave the request anonymous if there is no usable ticket
    if (authTicket == null || authTicket.Expired) return;

    // Note: element 0 is the UserID, so it is passed along with the roles
    string[] UserData = authTicket.UserData.Split(new Char[] { '|' });

    GenericIdentity userIdentity = new GenericIdentity(authTicket.Name);
    GenericPrincipal userPrincipal = new GenericPrincipal(userIdentity, UserData);
    Context.User = userPrincipal;
}


+5
2

FormsAuthenticationTicket.

// Build a fresh auth cookie for the user and read back its ticket
HttpCookie cookie = FormsAuthentication.GetAuthCookie(Username, true);
var ticket = FormsAuthentication.Decrypt(cookie.Value);

// Tickets are immutable: copy the fields into a new ticket with the new UserData
var newticket = new FormsAuthenticationTicket(ticket.Version,
                                              ticket.Name,
                                              ticket.IssueDate,
                                              ticket.Expiration,
                                              true,
                                              "new user data",
                                              ticket.CookiePath);

// Re-encrypt and overwrite the cookie in the response
cookie.Value = FormsAuthentication.Encrypt(newticket);
cookie.Expires = newticket.Expiration.AddHours(24);
HttpContext.Current.Response.Cookies.Set(cookie);
+7
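An added example, not from the original posts: a helper that re-issues the caller's existing ticket with new UserData while validating the `UserID|UserRole|...` format, keeping the UserID out of the role list, and preserving the ticket's expiration and persistence. The class `TicketUserData` and its methods `TryParse` and `Reissue` are hypothetical names; it assumes it is called from an MVC controller, where `HttpContext` is an `HttpContextBase`.

```csharp
using System;
using System.Linq;
using System.Security.Principal;
using System.Web;
using System.Web.Security;

public static class TicketUserData   // hypothetical helper, not part of ASP.NET
{
    // Splits "UserID|Role|Role" into the ID and the role list, so the ID
    // is never handed to GenericPrincipal as if it were a role name.
    public static bool TryParse(string userData, out string userId, out string[] roles)
    {
        userId = null;
        roles = new string[0];
        if (String.IsNullOrEmpty(userData)) return false;
        string[] parts = userData.Split('|').Select(p => p.Trim()).ToArray();
        if (parts.Length < 2 || parts.Any(p => p.Length == 0)) return false;
        userId = parts[0];
        roles = parts.Skip(1).ToArray();
        return true;
    }

    // Re-issues the caller's current ticket with new UserData, keeping the
    // original name, issue date, expiration and persistence.
    public static bool Reissue(HttpContextBase context, string newUserData)
    {
        string id; string[] roles;
        HttpCookie current = context.Request.Cookies[FormsAuthentication.FormsCookieName];
        if (current == null || !TryParse(newUserData, out id, out roles)) return false;
        FormsAuthenticationTicket old;
        try { old = FormsAuthentication.Decrypt(current.Value); }
        catch (Exception) { return false; }   // tampered or undecryptable cookie
        if (old == null || old.Expired) return false;

        var ticket = new FormsAuthenticationTicket(old.Version, old.Name, old.IssueDate,
            old.Expiration, old.IsPersistent, newUserData, old.CookiePath);
        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket))
        {
            HttpOnly = true,
            Secure = FormsAuthentication.RequireSSL,
            Path = FormsAuthentication.FormsCookiePath
        };
        if (old.IsPersistent) cookie.Expires = old.Expiration;
        context.Response.Cookies.Set(cookie);
        context.User = new GenericPrincipal(new GenericIdentity(old.Name), roles);
        return true;
    }
}
```

Because the original expiration is kept, a role change made this way does not extend the session; role data stored in the ticket still stays valid on the client until that expiration unless the server re-checks it.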
