Why does this example call the SignOut for ExternalCookie before signing in with an ApplicationCookie? Is it just a way to make sure the authentication information is clean? (The full example is here: http://www.asp.net/identity/overview/getting-started/introduction-to-aspnet-identity)
private async Task SignInAsync(ApplicationUser user, bool isPersistent)
{
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
var identity = await UserManager.CreateIdentityAsync(
user, DefaultAuthenticationTypes.ApplicationCookie);
AuthenticationManager.SignIn(
new AuthenticationProperties() {
IsPersistent = isPersistent
}, identity);
}
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
Its basically cleanup, the external cookie should get cleared eventually, its only needed to store the claims returned from google/fb/twitter etc such that app can pull whatever data it needs before signing the user. So SignIn is a good safe place to clear that external data.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0