Make sure you use AuthenticationManager.Signout(DefaultAuthenticationTypes.ApplicationCookie); as correctly suggested by Jamie. Being able to login with the same cookie again is by design. Identity does not create internal sessions to track all logged-in users and if OWIN gets cookie that hits all the boxes (i.e. copies from the previous session), it’ll let you login. If you … Read more
If you’re using the default project template, the UserManager gets created the following way: In the Startup.Auth.cs file, there’s a line like this: app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create); that makes OWIN pipeline instantiate an instance of ApplicationUserManager each time a request arrives at the server. You can get that instance from OWIN pipeline using the following code inside a … Read more
There is no way to do this asynchronously with the UserManager class directly. You can either wrap it in your own asynchronous method: (this might be a bit evil) public async Task<IQueryable<User>> GetUsersAsync { return await Task.Run(() => { return userManager.Users(); } } Or use the ToListAsync extension method: public async Task<List<User>> GetUsersAsync() { using … Read more
I had problems too trying to use a custom SignInManager and turns out to be really easy after all to implement. In Startup.cs, after the default implementation of services.Identity services.AddIdentity<ApplicationUser, IdentityRole>() .AddEntityFrameworkStores<ApplicationDbContext>() .AddDefaultTokenProviders(); You only need to inject into the built-in DI the following: services.AddScoped<SignInManager<MyApplicationUser>, MySignInManager>(); The default SignInManager is overwrited by the custom one.
Not an expert, but … There seemed to be no built in funcionality for this in Identity and I could not get it work from built in Roles also (it seems to not work with claims based Identity). So I ended up doing something like this: var users = context.Users .Where(x => x.Roles.Select(y => y.Id).Contains(roleId)) … Read more
I had this problem before, change: AuthenticationManager.SignOut(); To: AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie); Assuming that you are using ApplicationCookie to store your login information.
I know this is old, but I disagree with the accepted answer, since the question is tagged as asp.net-identity-2. For the benefit of future readers, ASP.NET Identity 2.0 has a very simple solution to this problem: public class ApplicationUserManager : UserManager<ApplicationUser> { …snip… public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context) { var manager = new … Read more
Taken from a Katana Thread I devised the following: Change the FacebookAuthenticationOptions to include BackchannelHttpHandler and UserInformationEndpoint as seen below. Make sure to include the names of the fields you want and need for your implementation. var facebookOptions = new FacebookAuthenticationOptions() { AppId = “*”, AppSecret = “*”, BackchannelHttpHandler = new FacebookBackChannelHandler(), UserInformationEndpoint = “https://graph.facebook.com/v2.4/me?fields=id,name,email,first_name,last_name” … Read more
The UseOAuthBearerTokens extension method creates both the token server and the middleware to validate tokens for requests in the same application. Pseudocode from source using reflector: UseOAuthAuthorizationServer(); // authorization server middleware UseOAuthBearerAuthentication(ApplicationOAuthBearerProvider); // application bearer token middleware UseOAuthBearerAuthentication(ExternalOAuthBearerProvider); // external bearer token middleware
In the MVC project template in VS2013 Update 2, there should be a file called App_Start/IdentityConfig.cs. In it you should find the class ApplicationUserManager and a static factory method called Create(). That’s where the user manager class is configured, including the server-side validation rules for passwords are defined. For example: manager.PasswordValidator = new PasswordValidator { … Read more