Forms authentication not working with jQuery

Question

I am doing forms authentication as follows:

                if (strRole != null)
            {
                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                   1,                            // version
                   username,                      // user name
                   DateTime.Now,                 // create time
                   DateTime.Now.AddSeconds(500),  // expire time
                   false,                        // persistent
                   strRole);                     // user data

                string strEncryptedTicket = FormsAuthentication.Encrypt(ticket);
                HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, strEncryptedTicket);
                Context.Response.Cookies.Add(cookie);
                return true;
            }

then on another page i have jQuery as follows

$.ajax({
    type: "POST",
    crossOrigin: true,
    url: "./WebService.asmx/Login",
    data: JSON.stringify({'username':username,'password':password}),
    contentType: "application/json; charset=utf-8",
    dataType: "json",
    success: function (response) {
        if (response.d === true) {
            $(location).attr('href', '/dash/dashboard.aspx')
        }
        else {
            ShowErrorModal("Invalid login or password.","login");
        }
    }
});

the issue is in the on_load event of dashboard.aspx page, the following is always false

HttpContext.Current.User.Identity.IsAuthenticated

the question is what does it consider user is not authenticated.

any help will be much appreciated.

It seems almost ok. Did you debug and see the username/password get passed properly? — AT-2017, Dec 13 '16 at 05:55
yes, i have inspected the "cookie" variable and there is data within. — user1144596, Dec 13 '16 at 05:59
Ajax looks fine. I guess, the issue is with the C# code. What's the **strRole** for and does it get the value? — AT-2017, Dec 13 '16 at 06:05
strRole is the users role, which is custom and i add it. i havent reached the point where i can access it because it leads me to believe that user is not authenticated. — user1144596, Dec 13 '16 at 06:09
Ah! Great. Good to know that. What have you done in that file? — AT-2017, Dec 13 '16 at 06:17

score 1 · Answer 1 · edited May 23 '17 at 11:45

Adding the following solved in global.asax.cs the problem

    protected void Application_AuthenticateRequest(Object sender, EventArgs e)
    {
        string cookieName = FormsAuthentication.FormsCookieName;
        HttpCookie authCookie = Context.Request.Cookies[cookieName];

        if (authCookie == null)
        {
            return;
        }
        FormsAuthenticationTicket authTicket = null;
        try
        {
            authTicket = FormsAuthentication.Decrypt(authCookie.Value);
        }
        catch
        {
            return;
        }
        if (authTicket == null)
        {
            return;
        }
        string[] roles = authTicket.UserData.Split(new char[] { '|' });
        FormsIdentity id = new FormsIdentity(authTicket);
        GenericPrincipal principal = new GenericPrincipal(id, roles);

        Context.User = principal;
    }

Taken from https://stackoverflow.com/a/8490241/1144596

Forms authentication not working with jQuery

1 Answers1