Custom mvc widget login

Posted by Community Admin on 04-Aug-2018 13:19

Custom mvc widget login

All Replies

Posted by Community Admin on 12-Oct-2016 00:00

Hi Telerik,

I developed my own mvc widget login to control access to my controllers by using [Authorize] attribute, ex:

[ControllerToolboxItem(Name = "TestController", Title = "Test", SectionName = "MVC")]
[Authorize]
public class TestController : Controller
        public ActionResult Index()
       
            return View("Index", new TestViewModel());
       

 

I also created a startup class at the root of the project :

[assembly: OwinStartupAttribute(typeof(SitefinityWebApp.Startup))]
namespace SitefinityWebApp
    public class Startup
    
        public void Configuration(IAppBuilder app)
        
             
 
            int? SessionDuration = 1;
            string CookieName = "COOKIECOOKIE";
 
            if (SessionDuration.HasValue)
            
                app.UseCookieAuthentication(new CookieAuthenticationOptions
                
                    ExpireTimeSpan = TimeSpan.FromMinutes(SessionDuration.Value),
                    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                    CookieName = CookieName
                     
                );
            
            else
            
                app.UseCookieAuthentication(new CookieAuthenticationOptions
                
                    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                    CookieName = CookieName
                     
                );
            
        
    

 

So now, i can connect through that widget and access to the view return by my controller. If i'm not connected, i have no access to that view.

 

Here is the thing : When i'm connected through my widget, and then i want to connect to the back-end with my admin user (in the same browser - it is ok in 2 differents browsers), i have the error you can see in attachment.

What i found is there is a conflict with the cookie "COOKIECOOKIE" i created because when i delete that cookie (or when it is automatically deleted when expired), i can access to the back-end.

Do you have any idea what is happening here ?

Thanks for your help.

Regards.

 

 

This thread is closed