After checking a user's credentials and confirming they are good, I'm using FormsAuthentication.SetAuthCookie("Username", false);
to authenticate the user.
In the masterpage I then use Page.User.Identity.IsAuthenticated
to make sure we're dealing with a logged in user and not a guest.
The problem lies in first setting the auth cookie. When I set the auth cookie, immediately afterwards I run a method that uses Page.User.Identity.IsAuthenticated
to change the welcome message from a generic "Welcome, guest!" message to a more personal "Welcome, username!" message. This does not work until I go to another page, so I know the login process has worked, but it seems I cannot access the information I need until a refresh or a redirect happens.
Do I need to redirect the user after setting the auth cookie in order use Page.User.Identity.IsAuthenticated
to change the message?
I have seen this before so I know the answer is yes. (As in, yes you do need to redirect the user to correctly use
Page.User.Identity.IsAuthenticated
)What I imagine is the cause is because
IsAuthenticated
evaluates the current request, and when the current request first came in it was recorded as not authenticated.What you will need to do is apply whatever logic you have in said method without the check for
IsAuthenicated
(make it assume true).Now I don't know the details of your method as to suggest how to re-factor it to cope with this, but you could split out the "Do Stuff" part into a separate function which you could then call directly from you login function to bypass the authentication check.
EDIT: To back up my assumption you can read this page.
The interesting part:
I'd like to point out that there's actually a way around this (since I've never seen this said in any other question like this). You can retrieve the cookie and its data where User.Identity's information comes from without a redirect. The thing is, the cookie just hasn't been sent to the browser yet.
It simply gets the cookie made by FormsAuthentication from the Response.Cookies object: