Asp.net core 2.0 - cookie authentication

Question

0.00/5 (No votes)

See more:

I have implemented claim based authentication in asp.net core 2.0 application. but "

var identity = (ClaimsPrincipal)Thread.CurrentPrincipal;

return null spme time not always.

What I have tried:

Startup.cs:

services.AddAuthentication("TalesSecurityScheme")
                   .AddCookie("TalesSecurityScheme", options =>
                   {
                       options.AccessDeniedPath = new PathString("/Security/Access");
                       options.Cookie = new CookieBuilder
                       {
                           //Domain = "",
                           HttpOnly = true,
                           Name = ".Tales.Security.Cookie",
                           Path = "/",
                           SameSite = SameSiteMode.Lax,
                           SecurePolicy = CookieSecurePolicy.SameAsRequest
                       };

options.LoginPath = new PathString("/Login/StartPage");
                      options.ReturnUrlParameter = "RequestPath";
                      options.SlidingExpiration = true;
                  });

LoginPage:

// create claims
          List<Claim> claims = new List<Claim>
          {
              new Claim(ClaimTypes.Name, EncrypterDecrypter.Encrypt(loginEntity.UserName)),
              new Claim(ClaimTypes.Email, EncrypterDecrypter.Encrypt(loginEntity.Email)),
              new Claim(ClaimTypes.Role, loginEntity.Role),
              new Claim(ClaimTypes.Gender, EncrypterDecrypter.Encrypt(loginEntity.Gender)),                 new Claim(ClaimTypes.Sid, EncrypterDecrypter.Encrypt(loginEntity.UserId))
          };

          // create identity
          ClaimsIdentity identity = new ClaimsIdentity(claims, "cookie");


          // create principal
          ClaimsPrincipal principal = new ClaimsPrincipal(identity);

          // Set current principal
          Thread.CurrentPrincipal = principal;
          HttpContext.User = principal;

          // sign-in
          await HttpContext.SignInAsync(
                  scheme: "TalesSecurityScheme",
                  principal: principal,
                  properties: new AuthenticationProperties
                  {
                      //IsPersistent = true,
                      ExpiresUtc = DateTime.UtcNow.AddMinutes(_config.Value.CookieTimeout)
                  });

Home:

var identity = (ClaimsPrincipal)Thread.CurrentPrincipal;

          if (identity != null)
          {
              // Get the claims values
              result = identity.Claims.Where(c => c.Type == ClaimTypes.Email)
                             .Select(c => c.Value).SingleOrDefault();
          }

So SOme time returning null in

identity

variable. Please suggest where i m doing wrong.

Posted 9-Apr-18 0:52am

Pramod Singh (C)

Updated 9-Apr-18 4:13am

v2

Add a Solution

3 solutions

Solution 1

You can find you solution from here : ASP.NET Core 2.0 Cookie Authentication[^]

Posted 9-Apr-18 2:13am

Dinesh Singh Kushwaha (Dev)

Updated 9-Apr-18 2:22am

Comments

Pramod Singh (C) 9-Apr-18 9:13am

Yes Dinesh, I have been implemented from same link but some time work fine and some time returning null value from (ClaimsPrincipal)Thread.CurrentPrincipal;

Solution 2

You can find your answer from here : [^]

Posted 9-Apr-18 2:15am

Dinesh Singh Kushwaha (Dev)

Updated 9-Apr-18 2:21am

Comments

CHill60 9-Apr-18 8:28am

Did you know that you can use the green "Improve solution" to add more information to your post? That is better than posting multiple solutions to the same question which can be confusing

Pramod Singh (C) 9-Apr-18 9:13am

Yes Dinesh, I have been implemented from same link but some time work fine and some time returning null value from (ClaimsPrincipal)Thread.CurrentPrincipal;

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Ryan Peden · Accepted Answer · 2018-04-09T04:15:00

It seems like the code where you're running:

var identity = (ClaimsPrincipal)Thread.CurrentPrincipal;

is probably running on different thread than the one where you saved the claims principal.

Instead, try using ASP.NET Core's dependency injection to inject an IHttpContextAccessor. Then you could do something like this:

var context = _httpContextAccessor.HttpContext;
var user = context.User;

And once you've got the user, you can of course access all of the User's claims and do whatever you need to do with them.