We have an extra mandatory step after a user signs into our MVC5 site. This is because some users have access to multiple offices. I got some help with how to enforce with this SO question, Adding extra step to ASP.NET MVC authentication
Once the user has performed that step I need to stash their office selection in the authentication cookie.
- How do I store extra data into the authentication cookie, after
Login has been completed?
- Is the correct method of accessing that extra data a custom Identity class?
You can use claims to provide extra data. There is a ClaimsIdentity
class, that you can use to add extra claims and look into the claims. You can also use Filters
for Action Methods
and Controllers
to be only accessible with specific claims.
I'm not good in explaining this in detail, but following the link you find some free chapters from an eBook from Apress (100 pages). The specific chapter would be chapter 15, but you'll gain a good insight in the whole Identity Management reading through the whole document.
Free eBook Pages from Apress