I'm having problem with getting ServiceStack [Authentication] attribute to work in ASP.Net MVC4 controller, pages / action methods with the attribute keep redirecting Users to the login page even after the login details are submitted correctly.
I've followed the SocialBootstrapApi example, with the difference being that all the authentication web service calls are made from the controllers:
this.CreateRestClient().Post<RegistrationResponse>("/register", model);
Other things that I've done so far:
- Use my own user session implementation subclassing AuthUserSession (not too different from the example, but using my own implementation of User table)
- Inherit ServiceStackController on my BaseController, overriding the default login URL
- Enable Auth feature in AppHost with my user session implementation
Registration does work, user auth logic works (even though the session does not persist), and I can see the ss-id
and ss-pid
cookies in the request.
So my complete list of questions:
- How do I make the [Authenticate] attribute work (or, what did I do wrong)?
- How do I save and reuse the user session in an MVC controller? At the moment
this.UserSession
is always null.
- How do I logout a user?
this.CreateRestClient().Get<AuthResponse>("/auth/logout");
does not seem to work.
Update 1:
The session cookies (ss-id
and ss-pid
) gets created when I attempt to load the secured page (ones with [Authenticate] attribute), before any credentials get submitted. Is this the expected behaviour?
Update 2:
I can see that the session is saved in MemoryCacheClient
, however trying to retrieve it in the base controller via this.Cache.Get<CustomUserSession>(SessionKey)
returns null (where SessionKey is like: urn:iauthsession:1
)
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…