Inhalte aufrufen

Profilbild

When running the project from the solution, log in attempts do not work


  • Bitte melden Sie sich an, um eine Antwort zu verfassen.
4 Antworten zu diesem Thema

#1 altmoola

altmoola

    Advanced Member

  • Members
  • PunktPunktPunkt
  • 66 Beiträge

Geschrieben: 06 May 2020 - 17:08

I can't quite figure this out. When I run my website on a localhost and attempt to log in with credentials that 100% are correct, the code appears to log in but this does not actually occur on the website. It remains as "Log in".

 

What could possibly be causing this? When I step through the code everything appears to be working properly. It even sets the WorkContext to the correct customer, but when it laters renders the ShopBar and looks for the CurrentCustomer it is set to the previously created guest ID.



#2 Marcus Gesing

Marcus Gesing

    SmartStore AG

  • Administrators
  • 3799 Beiträge

Geschrieben: 07 May 2020 - 11:04

Does it help to delete the browser cookies?


Marcus Gesing

Smartstore AG


#3 altmoola

altmoola

    Advanced Member

  • Members
  • PunktPunktPunkt
  • 66 Beiträge

Geschrieben: 07 May 2020 - 18:04

Unfortunately it does not help. I've tried in Chrome, Edge, Firefox with cleared cookies and it still just redirects back to the home page as if it had logged in but then it still shows "LOG IN" at the top.



#4 altmoola

altmoola

    Advanced Member

  • Members
  • PunktPunktPunkt
  • 66 Beiträge

Geschrieben: 11 May 2020 - 18:20

So far I've been able to isolate that it appears related to the HttpContext.User property when a new instance of the FormsAuthenticationService is instantiated. The User is never of type SmartStorePrincipal even after I've logged in. If I cache the SignIn to a static SmartStorePrincipal and then set that on the FormsAuthenticationService constructor (highly insecure I know - this is just for testing) then it works:

 

    private static SmartStorePrincipal _cachedPrincipal; // TESTING PURPOSES ONLY

    public FormsAuthenticationService(HttpContextBase httpContext, ICustomerService customerService, 
                                      CustomerSettings customerSettings)
    {
        _httpContext = httpContext;
        _httpContext.User = _cachedPrincipal; // TESTING PURPOSES ONLY
        _customerService = customerService;
        _customerSettings = customerSettings;
        _expirationTimeSpan = FormsAuthentication.Timeout;
    }

    public virtual void SignIn(Customer customer, bool createPersistentCookie)
    {
        ...

        _httpContext.Response.Cookies.Add(cookie);

        // TESTING PURPOSES ONLY
        _cachedPrincipal = new SmartStorePrincipal(customer, Net.WebApi.HmacAuthentication.Scheme1);
        _cachedCustomer = customer;
    }
 

Everything works normally in production and my test domain. Since the IAuthenticationService is mapped as InstancePerRequest, what can cause the HttpContext.User property to NOT be the authenticated user after a SignIn (as that appears to be the problem)?

 

The other thing I've noticed is that everytime the WebWorkContext is created, even if I've logged in and there is a valid authentication ticket in the cookies, the CurrentCustomer always returns the guest customer, specifically the line customer = _authenticationService.GetAuthenticatedCustomer(); never returns the logged in user.



#5 altmoola

altmoola

    Advanced Member

  • Members
  • PunktPunktPunkt
  • 66 Beiträge

Geschrieben: 11 May 2020 - 19:31

Turns out it was Occam's razor. The project was not debugging with SSL enabled so the authentication cookie was not being propagated through the HttpContext.