All geek questions in one place

Populating IAuthSession with Database Data

So, I created a custom CredentialsAuthProvider using ServiceStack according to the examples given here: https://github.com/ServiceStack/ServiceStack/wiki/Authentication-and-authorization

I have an authentication side, but I'm not sure how I populate the session with data from the database in the OnAuthenticated method. In this example, they show the following:

//Fill the IAuthSession with data which you want to retrieve in the app eg: session.FirstName = "some_firstname_from_db";

In the TryAuthenticate method, I have a username / password that I can use to authenticate the user with the database, but as soon as it goes to the OnAuthenticated method, how / what do I use to access / get user information from the database?

+3
source share
2 answers

Another good example of a ServiceStack CustomUserSession is in the SocialBootstrapApi project. Instead of retrieving information from the data, it retrieves the information from the UserSession and populates its own user user table using the registered DB Factory authorized from the AppHost IOC:

 authService.TryResolve<IDbConnectionFactory>().Run(db => db.Save(user));

Instead of using it to retrieve and save data from a user session, you can also use any of your registered dependencies to retrieve data and populate the session with:

 public override void OnAuthenticated( IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary<string, string> authInfo) { using (var db = authService.TryResolve<IDbConnectionFactory>().OpenDbConnection()) { var user = db.Id<MyUser>(session.UserId); session.FirstName = user.FirstName; } }
+5
source

I know this is an older thread, but it may still be appropriate, because by September 2012 it had not significantly improved in terms of accessibility of the ServiceStack documentation, clarity of examples or even comments in the code. ( @mythz: It would be very helpful if you guys could add meaningful summaries for all your classes and methods.)

I struggled with the same dilemma until I looked at the actual CredentialsAuthProvider code (which, in general, is pretty much the only way to understand how everything works in ServiceStack). OnAuthenticated is called immediately after TryAuthenticate inside the Authenticate method, so I figured it wasn’t necessary to make all your database calls in OnAuthenticated, as @mythz suggests in my examples. Instead, I put the code that populates the IAuthSession object directly in my TryAuthenticate implementation, for example:

 public override bool TryAuthenticate(IServiceBase authService, string userName, string password) { try { // Use my own repo to authenticate the user. var userRepo = authService.TryResolve<IUserRepository>(); var user = userRepo.Authenticate(userName, password); // Populate session properties with data from my user POCO. var session = authService.GetSession(); session.Id = user.CurrentSession.ID.ToString(); session.IsAuthenticated = true; session.CreatedAt = DateTime.UtcNow; session.DisplayName = session.FirstName = session.LastName = user.FullName; session.UserAuthName = session.UserName = user.Username; session.UserAuthId = user.ID.ToString(); } catch (Exception ex) { // Log the exception, etc.... return false; } return true; }

However, you still have to override OnAuthenticated to save the cookie in the HTTP response (which I believe is required for subsequent requests from the same browser that needs to be authenticated), since the base implementation only sets the cookie if it finds IUserAuthRepository in the IOC container which in my case will not happen because I use my own repository. So my implementation now looks like this:

 public override void OnAuthenticated(IServiceBase authService, IAuthSession session, IOAuthTokens tokens, Dictionary<string, string> authInfo) { try { // Save the browser cookie. var httpRes = authService.RequestContext.Get<IHttpResponse>(); if (httpRes != null) { httpRes.Cookies.AddPermanentCookie(HttpHeaders.XUserAuthId, session.UserAuthId); } // Save the user session object (ServiceStack stores it in the in-memory cache). authService.SaveSession(session, SessionExpiry); } catch (Exception ex) { // Log the exception, etc.... } }

@mythz: Please let me know if this makes sense or not.

+6
source

Source: https://habr.com/ru/post/1436685/

More articles:


All Articles