OnAuthenticated is not called

I created a customusersession class with OnRegistered and OnAuthenticated.
I have it working the way I want.When I use the facebook provider it calls “OnRegistered” and I can save my custom user. I set the session.ReferralUrl in the “OnRegistered” event and I can redirect to “/verify” and display a message telling the user to check email and verify the account. When I use the credentials auth provider. It hits the registered even but never goes to “OnAuthenticated” and is never redirected to “/verify”. Do I have to call some other method when I’m using the credentials auth provider? I thought it would work the same way but t definitely behaves differently.Seems like the credentials auth provider should be the simplest to implement. What am I missing?

How did you implement your credential auth provider? Here is the sample how to build custom credentials provider
and it uses overriding OnAuthenticated method which is called during authentication.

This is the code. When I authenticate with facebook it hits OnRegistered, then OnAuthenticated and then redirects to my “verify” page. When I use CredentialsAuth it hits OnRegistered and stops. The user is added to the DB and I get a response of the userAuthId.

public class CustomUserSession : AuthUserSession
        public string CustomId { get; set; }
        public string GithubProfileUrl { get; set; }
        public string TwitterProfileUrl { get; set; }
        public string FacebookProfileUrl { get; set; }

        public override void OnAuthenticated(IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo)
            base.OnAuthenticated(authService, session, tokens, authInfo);

            //Populate all matching fields from this session to your own custom User table
            var user = session.ConvertTo<MyCustomUser>();

            var appSettings = authService.TryResolve<IAppSettings>();
            var userAuthRepo = authService.TryResolve<IAuthRepository>();
            var userAuth = userAuthRepo.GetUserAuth(session, tokens);
            var dbConnectionFactory = authService.TryResolve<IDbConnectionFactory>();

            foreach (var authTokens in session.ProviderOAuthAccess)
                if (authTokens.Provider == FacebookAuthProvider.Name)
                    FacebookProfileUrl = session.GetProfileUrl();
                    user.FirstName = authTokens.FirstName;
                    user.LastName = authTokens.LastName;
                if (authTokens.Provider == GithubAuthProvider.Name)
                    GithubProfileUrl = session.GetProfileUrl();
                if (authTokens.Provider == TwitterAuthProvider.Name)
                    TwitterProfileUrl = session.GetProfileUrl();
                    if (appSettings.GetList("TwitterAdmins").Contains(session.UserName) && !session.HasRole(RoleNames.Admin, userAuthRepo))
                        userAuthRepo.AssignRoles(userAuth, roles: new[] { RoleNames.Admin });

                var ProfileUrl = GithubProfileUrl ?? TwitterProfileUrl ?? FacebookProfileUrl;
                using (var db = dbConnectionFactory.OpenDbConnection())
                    var userAuthInstance = db.Single<MyCustomUser>(x => x.UserAuthId == this.UserAuthId.ToInt());
                    if (userAuthInstance != null)
                        userAuthInstance.DefaultProfileUrl = ProfileUrl;

        public string DecodeEncodedNonAsciiCharacters(string value)
            return Regex.Replace(
                m => {
                    return ((char)int.Parse(m.Groups["Value"].Value, NumberStyles.HexNumber)).ToString();

        public override void OnRegistered(IRequest req, IAuthSession session, IServiceBase authService)

            base.OnRegistered(req, session, authService);

            //Populate all matching fields from this session to your my custom User table
            var user = session.ConvertTo<MyCustomUser>();

			if (session.ProviderOAuthAccess.Count > 0)
				var props = session.ProviderOAuthAccess[0].Items;
				user.Email = DecodeEncodedNonAsciiCharacters(props["email"]);
			//redirect after registration
            session.ReferrerUrl = "/Verify";

            using (var db = authService.TryResolve<IDbConnectionFactory>().Open())
                user.Verified = false;
                user.Complete = false;

                //send a welcome e-mail
                var email = new EmailMessage
                    LastModifiedById = 0,
                    LastModifiedDate = DateTime.Today,
                    Processed = false,
                    TemplateId = 1,
                    UserAuth_Id = user.UserAuthId ?? 0,
                    ToAddress = user.Email,
                    FromAddress = "no-reply@xxxxxxxxxxxxxx.net",
                    FromFirstName = "no-reply",
                    Subject = "Please verify your account",
                    CreatedById = 0,
                    CreatedDate = DateTime.Today



I guess another way to ask this is what is the best way to redirect after registration with a custom credentials class?
Redirecting registration is no problem with Oath but with a regular registration it just returns a page showing the user id. Somehow that doesn’t seem right. The page I see looks like:

The Registration Service just returns the RegisterResponse DTO, you’re seeing the automated HTML page because you’re calling it from a browser, you’d get the serialized JSON response if calling from an Ajax/JSON client.

You can tell the RegisterService what url to redirect to by populating the ?continue paramter.

Thanks I will give that a shot.

Worked like a charm. Thanks!

1 Like