Sign in Register
Go to solution
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Rune Grønkjær 1372 posts 3103 karma points
    Feb 08, 2022 @ 07:43
    Rune Grønkjær
    1

    How to get current Member/User.Identity in IContentFinder?

    Hi people,

    I have a custom IContentFinder and I need to check the roles of the currently logged in Umbraco member.

    My problem is that httpContext.User is empty. So authentication doesn't seem to have been initialized at this point.

    This is how I add the IContentFinder in my IComposer:

    builder.ContentFinders().InsertBefore<ContentFinderByRedirectUrl, ProductContentFinder>();

    Anyone know if this is even possible?

    /Rune

    Copy Link
  • Andrey Karandashov 23 posts 215 karma points c-trib
    Jun 06, 2022 @ 11:15
    Andrey Karandashov
    0

    We have the same issue. Did you find a solution for this issue?

    Copy Link
  • Rune Grønkjær 1372 posts 3103 karma points
    Jun 07, 2022 @ 05:10
    Rune Grønkjær
    1

    Looks like it cannot be done at this point in the life cycle :/

    I got around it by not using the User. Instead I could check the domain because we have a BTB domain. Not a fantastic solution but at least it's fast.

    /Rune

    Copy Link
  • Andrey Karandashov 23 posts 215 karma points c-trib
    Jun 07, 2022 @ 09:09
    Andrey Karandashov
    100

    I found a tricky way how to solve it. We don't want to rewrite our code and we have a lot of content finders, so we decided to use this:

        public static void SetPrincipalForHttpContext(this HttpContext context)
    {
        var ticket = context.DecryptAuthCookie();
        if (ticket == null) return;
        context.User = ticket.Principal;
    }
    public static AuthenticationTicket DecryptAuthCookie(this HttpContext httpContext)
    {
        // ONE - grab the CookieAuthenticationOptions instance
        var opt = httpContext.RequestServices
            .GetRequiredService<IOptionsMonitor<CookieAuthenticationOptions>>()
            .Get("Identity.Application"); //or use .Get("Cookies")
        // TWO - Get the encrypted cookie value
        var cookie = opt.CookieManager.GetRequestCookie(httpContext, opt.Cookie.Name);
        // THREE - decrypt it
        return opt.TicketDataFormat.Unprotect(cookie);
    }

    It's dirty, but works. (You can use this method in your content finder)

    Copy Link
  • Rune Grønkjær 1372 posts 3103 karma points
    Jun 07, 2022 @ 11:21
    Rune Grønkjær
    0

    That is pretty cool. I have not tried this myself, but if it works for you guys it will work for others as well.

    Good work!

    /Rune

    Copy Link
  • Andrey Karandashov 23 posts 215 karma points c-trib
    Jun 07, 2022 @ 06:24
    Andrey Karandashov
    0

    Ah, I see, thanks. We just decided to migrate our v8 solution to v9 and this one of the things that does not work or works in another way as v8.

    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft