protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
// Users module covers it:
//var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
//var roleCokie = Request.Cookies[Roles.CookieName];
//if (authCookie != null)
//{
// try
// {
// var authTicket = FormsAuthentication.Decrypt(authCookie.Value);
// if (authTicket != null)
// {
// var identity = new FormsIdentity(authTicket);
// var principal = roleCokie == null ? new RolePrincipal("BetterCmsRoleProvider", identity) : new RolePrincipal(identity, roleCokie.Value);
// Context.User = principal;
// }
// }
// catch
// {
// Session.Clear();
// FormsAuthentication.SignOut();
// }
//}
// Super simple example how to force deleted user reauthentication.
if (User != null && usersToForceRelogin.Contains(User.Identity.Name))
{
if (HttpContext.Current.Session != null)
{
HttpContext.Current.Session.Clear();
}
if (Roles.Enabled)
{
Roles.DeleteCookie();
}
if (FormsAuthentication.IsEnabled)
{
FormsAuthentication.SignOut();
}
Response.Redirect(FormsAuthentication.LoginUrl);
}
cmsHost.OnAuthenticateRequest(this);
}