So I have umbracoIdentity and Micosoft.Owin.Security.Facebook, all playing nicely with members created via facebook authentication. (umb 8.5.2)
Setting the authentication cookie as persistent I assumed that returning to the site after closing the browser I should see that I'm automatically logged in without having to reauthenticate agains the provider? I'm not seeing that, I have to use login with facebook each session and hit the continue (app already has access) button.
Also I am correct in thinking that once logged in I'm then an umbraco member with its timeout setting, and at that point, I wouldn't get asp.net identity checking for expired tokens and getting one reissued automatically? Or is that not what asp.net identity does eg replace forms authentication and check on each request I still have access at the provider? Or have I completely misunderstood the infrastructure here?
Also if I wanted to use the permission to fetch posts from facebook for the logged in member would I then need to also store the access_token against the member profile?
Sorry for the probably simplistic questions, but I can't see much documentation for how this is used in anger once past the initial sync external authentication to an umbraco member?
Cheers.
UmbracoIdentity (asp.net identity) usage clarification/further explanation
So I have umbracoIdentity and Micosoft.Owin.Security.Facebook, all playing nicely with members created via facebook authentication. (umb 8.5.2)
Setting the authentication cookie as persistent I assumed that returning to the site after closing the browser I should see that I'm automatically logged in without having to reauthenticate agains the provider? I'm not seeing that, I have to use login with facebook each session and hit the continue (app already has access) button.
Also I am correct in thinking that once logged in I'm then an umbraco member with its timeout setting, and at that point, I wouldn't get asp.net identity checking for expired tokens and getting one reissued automatically? Or is that not what asp.net identity does eg replace forms authentication and check on each request I still have access at the provider? Or have I completely misunderstood the infrastructure here?
Also if I wanted to use the permission to fetch posts from facebook for the logged in member would I then need to also store the access_token against the member profile?
Sorry for the probably simplistic questions, but I can't see much documentation for how this is used in anger once past the initial sync external authentication to an umbraco member? Cheers.
is working on a reply...