Persist to UserAuth when using AspNetWindowsAuthProvider

bradbrowne · June 16, 2018, 12:29pm

Is there a simple way to persist all Windows user names that access my service using AspNetWindowsAuthProvider?

Plugins.Add(new AuthFeature(() => new AuthUserSession(), new IAuthProvider[] { new AspNetWindowsAuthProvider(this) { PersistSession = true, AllowAllWindowsAuthUsers = true, LoadUserAuthFilter = LoadUserAuthInfo }  } ));

I think in a previous version it would do this automatically, but my reading of the Authentication & Authorization docs indicates that the windowsauth no longer persists to the UserAuth table.

Ideally I would like to allow all Windows authenticated users to access my service and be automatically registered in the UserAuth table so that these can be used to assign roles and monitor who is accessing the service.

mythz · June 16, 2018, 3:43pm

It may have persisted the Session but I don’t believe it ever saved to the UserAuth table.

But you should be able to manually save and populate/create the Session if it doesn’t exist with something like:

new AspNetWindowsAuthProvider(this)
{
    PopulateUserRoles = (req, principal, session) =>
    {
        var authRepo = HostContext.AppHost.GetAuthRepository(req);
        var userAuth = authRepo.GetUserAuth(session, tokens:null);
        if (userAuth == null)
        {
            authRepo.SaveUserAuth(session);
            userAuth = authRepo.GetUserAuth(session, tokens:null);
        }
        session.PopulateSession(userAuth, authTokens:null);
    }
}

bradbrowne · June 17, 2018, 6:17am

That sounds like it will do perfectly, but I am getting System.NullReferenceException: 'Object reference not set to an instance of an object.' on the authRepo.SaveUserAuth(session); line.

Am I missing something obvious?

StackTrace    "   at ServiceStack.Auth.OrmLiteAuthRepositoryBase`2.<>c__DisplayClass25_0.<SaveUserAuth>b__0(IDbConnection db)\r\n   at ServiceStack.Auth.OrmLiteAuthRepository`2.Exec(Action`1 fn)\r\n   at Grip.AppHost.<>c.<Configure>b__1_4(IRequest req, IPrincipal principal, IAuthSession session) in C:\\Code\\mapdojo\\Grip\\Grip\\Grip\\AppHost.cs:line 145\r\n   at ServiceStack.Auth.AspNetWindowsAuthProvider.Authenticate(IServiceBase authService, IAuthSession session, Authenticate request)\r\n   at ServiceStack.Auth.AuthenticateService.Post(Authenticate request)\r\n   at ServiceStack.Auth.AspNetWindowsAuthProvider.PreAuthenticate(IRequest req, IResponse res)\r\n   at ServiceStack.AuthenticateAttribute.PreAuthenticate(IRequest req, IEnumerable`1 authProviders)\r\n   at ServiceStack.AuthenticateAttribute.<ExecuteAsync>d__12.MoveNext()"    string

mythz · June 17, 2018, 7:32am

I can’t see the issue, it’s just calling:

github.com

ServiceStack/ServiceStack/blob/17f081b9906ac1568310c9b52cd31f0f034325c5/src/ServiceStack.Server/Auth/OrmLiteAuthRepository.cs#L401


}


public virtual IUserAuth GetUserAuth(string userAuthId)
{
    return Exec(db =>
    {
        return db.SingleById<TUserAuth>(int.Parse(userAuthId));
    });
}


public virtual void SaveUserAuth(IAuthSession authSession)
{
    if (authSession == null)
        throw new ArgumentNullException(nameof(authSession));


    Exec(db =>
    {
        var userAuth = !authSession.UserAuthId.IsNullOrEmpty()
            ? db.SingleById<TUserAuth>(int.Parse(authSession.UserAuthId))
            : authSession.ConvertTo<TUserAuth>();

You can try converting it to a UserAuth and saving that instead which should do the same thing, e.g:

userAuth = session.ConvertTo<UserAuth>();
authRepo.SaveUserAuth(userAuth);

bradbrowne · June 17, 2018, 8:34am

Thanks mate, that works perfectly!

I really appreciate the support