Serenity Software
Authentication and Authorization #7249
Unanswered
SeekingAnswers123
asked this question in
Help
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
When is HttpContextAccessor.HttpContext.User.Identity.IsAuthenticated supposed to get set to true? In this application that someone else wrote using Serenity, it never gets set to true and I don't know why. Username and password are validated successfully with this method:
if (Dependency.Resolve<Serenity.Abstractions.IAuthenticationService>().Validate(ref username, request.Password))
{
WebSecurityHelper.SetAuthenticationTicket(username, false);
UserLoginLog(username, true);
}
Then this is used for checking permission:
public Microsoft.Extensions.Logging.ILogger Logger { get; }
public IHttpContextAccessor HttpContextAccessor { get; }
public PermissionService (Microsoft.Extensions.Logging.ILogger logger, IHttpContextAccessor httpContextAccessor) {
Logger = logger;
HttpContextAccessor = httpContextAccessor;
}
if (!HttpContextAccessor.HttpContext.User.Identity.IsAuthenticated) {
Logger.LogInformation("Permission denied for unauthenticated user: {0}", Authorization.Username);
return false;
}
Beta Was this translation helpful? Give feedback.
All reactions