I'm new to ASP.Net Core and trying to create an user authentication system. I'm using ASP.Net Core Identity user management. I have the below code for logging in an user.

/Areas/Identity/Pages/Account/Login.cshtml.cs

public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
    returnUrl = returnUrl ?? Url.Content("~/");

    if (ModelState.IsValid)
    {
        // This doesn't count login failures towards account lockout
        // To enable password failures to trigger account lockout, set lockoutOnFailure: true
        var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);

        if (result.Succeeded)
        {
            _logger.LogInformation("User logged in.");
            _logger.LogInformation(User.Identity.IsAuthenticated.ToString());

            return LocalRedirect(returnUrl);
        }
        if (result.RequiresTwoFactor)
        {
            return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
        }
        if (result.IsLockedOut)
        {
            _logger.LogWarning("User account locked out.");
            return RedirectToPage("./Lockout");
        }
        else
        {
            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return Page();
        }
    }

    // If we got this far, something failed, redisplay form
    return Page();
}

Startup.cs

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        // This lambda determines whether user consent for non-essential cookies is needed for a given request.
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });

    services.AddDbContext<ApplicationDbContext>(options =>
    {
        options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection"));
    });

    services.AddDefaultIdentity<IdentityUser>().AddEntityFrameworkStores<ApplicationDbContext>();

    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

    // Use a unique identity cookie name rather than sharing the cookie across applications in the domain.
    services.ConfigureApplicationCookie(options =>
    {
        options.Cookie.Name = Configuration["CookieName"];
    });

    // Add SAML SSO services.
    services.AddSaml(Configuration.GetSection("SAML"));

    services.AddTransient<IPasswordHasher<IdentityUser>, CustomPasswordHasher>();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
        app.UseDatabaseErrorPage();
    }
    else
    {
        app.UseExceptionHandler("/Error");
        app.UseHsts();
    }

    app.UseHttpsRedirection();
    app.UseStaticFiles();
    app.UseCookiePolicy();

    app.UseAuthentication();

    app.UseMvc(routes =>
    {
        routes.MapRoute(
            "default",
            "{controller=Home}/{action=Index}/{id?}");
    });
}

I need to set some attributes in the cookies when the user logs in, but I always get User.Identity.IsAuthenticated false even if it shows User logged in in the logger and PasswordSignInAsync succeeds. How to log in the user inside OnPostAsync ?

N.B: User is logged in when redirected to home page after PasswordSignInAsync succeeds.

I've already checked this question but it didn't solve my issue.

For User.Identity.IsAuthenticated, it only works for sub-request after PasswordSignInAsync.

You could try options below:

1. Redirect to another action to set the cookies.

   public class LoginModel : PageModel
   {
       private readonly SignInManager<IdentityUser<int>> _signInManager;
       private readonly ILogger<LoginModel> _logger;
   
       public LoginModel(SignInManager<IdentityUser<int>> signInManager, ILogger<LoginModel> logger)
       {
           _signInManager = signInManager;
           _logger = logger;
       }
   
       //rest code
   
       public async Task<IActionResult> OnPostAsync(string returnUrl = null)
       {
           returnUrl = returnUrl ?? Url.Content("~/");
   
           if (ModelState.IsValid)
           {
               // This doesn't count login failures towards account lockout
               // To enable password failures to trigger account lockout, set lockoutOnFailure: true
               var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
               if (result.Succeeded)
               {
                   _logger.LogInformation("User logged in.");
                   return LocalRedirect($"~/Identity/Account/Login?handler=SetIdentity&returnUrl={returnUrl}");
               }
               if (result.RequiresTwoFactor)
               {
                   return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
               }
               if (result.IsLockedOut)
               {
                   _logger.LogWarning("User account locked out.");
                   return RedirectToPage("./Lockout");
               }
               else
               {
                   ModelState.AddModelError(string.Empty, "Invalid login attempt.");
                   return Page();
               }
           }
   
           // If we got this far, something failed, redisplay form
           return Page();
       }
   
       public async Task<IActionResult> OnGetSetIdentityAsync(string returnUrl)
       {
           _logger.LogInformation(User.Identity.IsAuthenticated.ToString());
   
           return LocalRedirect(returnUrl);
       }
   }
   

2. Use _signInManager.CreateUserPrincipalAsync

   public async Task<IActionResult> OnPostAsync(string returnUrl = null)
   {
       returnUrl = returnUrl ?? Url.Content("~/");
   
       if (ModelState.IsValid)
       {
           // This doesn't count login failures towards account lockout
           // To enable password failures to trigger account lockout, set lockoutOnFailure: true
           var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
           if (result.Succeeded)
           {
               var user = await _signInManager.UserManager.FindByEmailAsync(Input.Email);
               var userPrincipal = await _signInManager.CreateUserPrincipalAsync(user);
               var identity = userPrincipal.Identity;
               return LocalRedirect(returnUrl);
           }
           if (result.RequiresTwoFactor)
           {
               return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
           }
           if (result.IsLockedOut)
           {
               _logger.LogWarning("User account locked out.");
               return RedirectToPage("./Lockout");
           }
           else
           {
               ModelState.AddModelError(string.Empty, "Invalid login attempt.");
               return Page();
           }
       }
   
       // If we got this far, something failed, redisplay form
       return Page();
   }