Hello, I configured both Web.Host and Web.Public to run at the same time in VS 2017.
Each website runs on its own Port.
When I click Login on the Public website, I am redirected to the Login page of the Web.Host.
In VS 2017, they are two websites or apps, possible they will be hosted separately.
How does it work to authenticate the public website using the Web.Host app? Can those 2 websites share sessions/cookies? I am lost a bit here.
Thanks
8 Answer(s)
-
0
Hi,
Both sites does not share cookies. We applied a bit tricky method to login user on public website from admin website.
When a user wants to login on public website, we redirect user to admin, then user logs in on admin website. After that, we set a unique value on user entity and redirect to public website with this value. Public website finds the user with this unique value and automatically logs in that user on public website.
Thanks.
-
0
Great. CN you show me source code where you add that unique key and how the public website retrieves them? *I appreciate it
-
0
Hi,
I don't remember the places exactly at the moment but you can search for SignInToken (it is a field on User entity) keyword to see those fields. Let me know if you cannot find it.
Thanks.
-
0
So based on the SignInToken, the public website generate a valid ASP.NET Authentication Ticket based on the value contained in SignInToken?
-
0
Hi,
Actually, SignInToken on user entity is only used for comparison here <a class="postlink" href="https://github.com/aspnetzero/aspnet-zero-core/blob/dev/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Web.Public/Controllers/AccountController.cs#L48">https://github.com/aspnetzero/aspnet-ze ... ler.cs#L48</a>
If the token sent from admin website matches the one on user entity, we log the user in.
Thanks.
-
0
Great. Thanks.
So in the public website you just wait for this token. You validate it against DB and then accordingly issue the authentication ticket manually.
-
0
Yes, exactly.
-
0
Thanks
