0

i'm using ASP.NET MVC5 with the latest Identity and Signalr on the server and have .NET client app. Currently i have working auth logic implemented but i don't get it how can i get auth failure in .NET desktop client?

Here is my .NET desktop client auth code:

        private static async Task<bool> AuthenticateUser(string siteUrl, string email, string password)
    {
        try
        {
            var handler = new HttpClientHandler { CookieContainer = new CookieContainer() };

            using (var httpClient = new HttpClient(handler))
            {
                var loginUrl = siteUrl + "Account/Login";

                _writer.WriteLine("Sending http GET to {0}", loginUrl);

                var response = await httpClient.GetAsync(loginUrl);
                var content = await response.Content.ReadAsStringAsync();
                _verificationToken = ParseRequestVerificationToken(content);
                content = _verificationToken + "&UserName="+email+"&Password="+password+"&RememberMe=false";

                _writer.WriteLine("Sending http POST to {0}", loginUrl);

                response = await httpClient.PostAsync(loginUrl, new StringContent(content, Encoding.UTF8, "application/x-www-form-urlencoded"));
                content = await response.Content.ReadAsStringAsync();
                _verificationToken = ParseRequestVerificationToken(content);


                _connection.CookieContainer = handler.CookieContainer;
                return true;
            }
        }
        catch (Exception ex)
        {

            Logger.Log(ex, "Auth");
            return false;
        }
    }

where _connection is a hub connection which receives cookie needed for hub auth. The problem is that httpCLient.PostAsync() always return valid result and i don't get it how i can implement auth failure detection.

Here is server login code:

        // POST: /Account/Login
    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
    {
        if (ModelState.IsValid)
        {
            var user = await UserManager.FindAsync(model.UserName, model.Password);
            if (user != null)
            {
                await SignInAsync(user, model.RememberMe);
                return RedirectToLocal(returnUrl);
            }
            else
            {
                ModelState.AddModelError("", "Invalid username or password.");
            }
        }

        // If we got this far, something failed, redisplay form
        return View(model);
    }

On failure it just adds error string on the page.

Please advice what is the better way to implement auth result.

Improve this question

1 Answer 1

Reset to default
0

This is strange that i got no single answer for this question. I've come to an intermediate solution:

  1. Add unique hidden tags for login and index pages (on failure login page is displayed again, on success - index page)

    <div style="display: none;" id="@SharedData.Constants.INDEX_PAGE_TAG"></div>
  2. In .NET client check content string for the specific tag presence.

I don't think this the preformance-wise solution but at least it works...

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.