
I have a .NET Core app with .NET Core Identity. I've set up a shared cookie in Startup.cs:

services.AddIdentity<User, Role>()
    .AddEntityFrameworkStores<DataContext>()
    .AddDefaultTokenProviders();

services.ConfigureApplicationCookie(options =>
{
    options.Cookie.Name = ".AspNet.SharedCookie";
});

services.AddAuthentication();

...

app.UseAuthentication();
app.UseAuthorization();

Also, I have a 2nd .NET Core app where I don't have authentication at all but want to use just that SharedCookie, and I did the following in Startup.cs:

services.AddAuthentication("Identity.Application")
    .AddCookie("Identity.Application", options =>
    {
        options.Cookie.Name = ".AspNet.SharedCookie";
    });

...

app.UseAuthentication();
app.UseAuthorization();

And on controller actions I set the attribute [Authorize].

I logged in to the 1st app, went to the 2nd app, and saw an error: the /Account/Login... page doesn't exist.

Yes, I don't have that page, but why do I see this issue? Did I forget to add anything in my code? And one more question: what is the SharedCookie string? Is it a random string, or is it encoded user data? Can I extract any info from that SharedCookie, for example the Id of the User?

A. Gladkiy

1 Answer


So my solution was to add a DataProtection step to both apps:

if (!Env.IsDevelopment())
{
    services.AddDataProtection()
        // PersistKeysToFileSystem takes a DirectoryInfo (System.IO), not a string
        .PersistKeysToFileSystem(new DirectoryInfo("{PATH TO COMMON KEY RING FOLDER}"))
        .SetApplicationName("SharedCookieApp");
}

And one more question: what is the SharedCookie string? Is it a random string, or is it encoded user data? Can I extract any info from that SharedCookie, for example the Id of the User?

Yes, I can extract the Id and Email of the user in the following way:

var id = HttpContext.User.FindFirstValue(ClaimTypes.NameIdentifier);
var email = HttpContext.User.FindFirstValue(ClaimTypes.Email);
A. Gladkiy
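
Why the shared key ring and application name fix the redirect, as an added example that is not part of the original question or answer: the cookie value is an authentication ticket (the user's claims) encrypted with Data Protection keys, so a second app can only read it with the same key ring, application name and scheme name. The sketch assumes a console project that references the Microsoft.AspNetCore.App shared framework; the class name, the temp key folder, the claims and the "SecondApp" name are constructed for illustration.

```csharp
using System;
using System.IO;
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.DataProtection;

public static class SharedCookieDemo   // hypothetical name, added example
{
    const string Scheme = "Identity.Application";

    // Builds a ticket format with the purpose chain the cookie handler uses
    // for its own protector: handler type name, scheme name, "v2".
    static TicketDataFormat FormatFor(DirectoryInfo keyRing, string appName) =>
        new TicketDataFormat(
            DataProtectionProvider
                .Create(keyRing, b => b.SetApplicationName(appName))
                .CreateProtector(
                    "Microsoft.AspNetCore.Authentication.Cookies.CookieAuthenticationMiddleware",
                    Scheme, "v2"));

    public static void Main()
    {
        // Constructed stand-in for "{PATH TO COMMON KEY RING FOLDER}".
        var keyRing = Directory.CreateDirectory(
            Path.Combine(Path.GetTempPath(), "shared-keyring-demo"));

        // App 1 issues the cookie value for a constructed user.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.NameIdentifier, "42"),
            new Claim(ClaimTypes.Email, "user@example.test"),
        }, Scheme);
        var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), Scheme);
        string cookieValue = FormatFor(keyRing, "SharedCookieApp").Protect(ticket);

        // App 2 with the same key ring and application name can read the claims.
        var ok = FormatFor(keyRing, "SharedCookieApp").Unprotect(cookieValue);
        Console.WriteLine(ok?.Principal.FindFirst(ClaimTypes.NameIdentifier)?.Value);

        // App 2 with a different application name: Unprotect returns null, the
        // request stays anonymous and [Authorize] challenges to the login path.
        var bad = FormatFor(keyRing, "SecondApp").Unprotect(cookieValue);
        Console.WriteLine(bad == null ? "rejected" : "accepted");
    }
}
```

Anyone who can read the key ring folder can decrypt or mint these tickets, so restrict its file permissions to the accounts the two apps run under.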