This project is read-only.

Best way to handle authentication with external website

Topics: Customizing Orchard, Writing modules
Jun 3, 2013 at 9:30 PM
Here's what I want to achieve :

I have an existing web app which includes a user database and some information regarding each user. I can access this information via a web service.

I want my Orchard-based site to include a login widget where a user can enter his login information (user+pass). This login information which will be sent over to the web service, which will return a user-Guid. Subsequent calls to the web service to retrieve user information include this user-Guid. Once the user has logged in, I want to have a few pages presenting information about the user, allowing the user to modify certain information, etc.

The Orchard-based site is basically serving as a client front-end for the existing web app.

How can I associate the logged-in state and associated user-Guid to a user for the duration of a session?
Jun 4, 2013 at 1:31 AM
You could set a Forms Authentication cookie after successful login.
Jun 5, 2013 at 2:07 PM
IMHO if you want to only use Orchard for those few pages of user information, you'd be a lot better having them in your primary app.
Jun 5, 2013 at 7:41 PM
Edited Jun 5, 2013 at 7:45 PM
I'd go and implement a separate part for holding custom information that would be filled with data coming from webservice. In order to do custom authentication you'd need to implement IAuthenticationService and do what you need to do there.
Jun 5, 2013 at 9:38 PM
sfmskywalker wrote:
You could set a Forms Authentication cookie after successful login.
Couldn't this interfere with the Forms Authentication cookie that Orchard uses for it's login system?
Jun 8, 2013 at 7:27 PM
I don't think so if you use a different cookie name.