In our current system (.net 4.5) to handle user authentication throughout the app we have created our own IIdentity
and IPrincipal
objects. So on every request we decrypt an attribute in the cookie (stored at login) and using this we check the cache for the user object (which also provides us with the client object). If the user is in the cache, great we then set the HttpContextBase.User
and the Thread.CurrentPrincipal
to be our own version of IPrincipal
. If the user isn't in the cache then we get them from the db and set the above.
This works really well as we then have a BaseController
with 2 properties, one for the current user and one for the current client. These are accessed by casting User.Identity
to our own IIdentity
.
We are now looking to move our app over to .netcore but we are not sure how to achieve the same as above given that we don't seem to be able to replicate it. We are currently using cookie middleware with ASP Identity (Shown Here), we are setting some claims (id, name etc) but we aren't sure how to or where we should be checking the cache and setting some properties on every request.