-
What's best way to determine if authenticated(programmatically? I've tried using the User object off of the PageState, but the IsAuthenticated proptery on that shows as false when it should be true. |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 4 replies
-
If |
Beta Was this translation helpful? Give feedback.
-
Can you try to use |
Beta Was this translation helpful? Give feedback.
-
Oqtane does not rely solely on authentication for security - it also requires users to be members of roles (ie. authorization). The best way to determine if the user is authenticated is to utilize the Oqtane,Security.UserSecurity.IsAuthorized() method. All authenticated users are members of the Registered Users role:
The Page.User.IsAuthenticated property is currently only populated during login to communicate status between the server and client. An enhancement could be added so that this property is also populated by the SiteRouter. This would make the behavior of this property more intuitive and useful. However it would still be recommended to use the UserSecurity.IsAuthorized() method as it provides a higher level of security. One other item to note... Page.User will be null if the user is not authenticated. |
Beta Was this translation helpful? Give feedback.
Oqtane does not rely solely on authentication for security - it also requires users to be members of roles (ie. authorization). The best way to determine if the user is authenticated is to utilize the Oqtane,Security.UserSecurity.IsAuthorized() method. All authenticated users are members of the Registered Users role:
The Page.User.IsAuthenticated property is currently only populated during login to communicate status between the server and client. An enhancement could be added so that this property is also populated by the SiteRouter. This would make the behavior of this property more intuitive and useful. However it would s…