ASP.NET Identity 2.0 // CookieAuthentication with Persistent Cookie

Apr 28, 2014 at 5:11 PM
Edited Apr 28, 2014 at 5:13 PM

I have the following scenario:
  1. User logs in and enables persisting of the Authentication Cookie. As it happens the sliding expiry time span is quite long (probably couple of weeks)
  2. After they are done with their work they close the browser (other instances of the IE may still be open).
  3. After 10 - 15 minutes they run the application again and they will be logged in automatically because they have have chosen to persist the authentication cookie.
For the application I am working on, it is very important to intercept this automatic log in and log this event.

I am sure I'd be able to implement this feature if I knew what code of the OWIN Cookie Authentication Middleware reads the Authentication Cookie, deserializes it, creates an instance of ClaimsIdentity and finally attaches it to the current HttpContext upon every request.

Any ideas?


Apr 28, 2014 at 6:23 PM
@UncleZen: The 'AuthenticateCoreAsync' method in the CookieAuthenticationMiddleware class takes care of this. You can check that method. Additionally you can step into the code since the symbols are available. Check out this page for more details
Apr 28, 2014 at 6:53 PM
Edited Apr 29, 2014 at 11:27 AM
@suhasj: Did you mean the CookieAuthenticationHandler class? As far as I can see the CokkieAuthenticationMiddleware does not have such a method.

Anyways, do you know how does the method AuthenticateCoreAsync get called. As well are you aware of any events that are raised in such a cases?