Setting up Forms Authentication for multiple Web Apps in MVC 5 based on OWIN

Question

I am in process of setting up my 1st MVC Web App. I know I need to provide a Forms Based Authentication model as well as I know I will be reusing it for multiple other internal

Answer 1

Work with new OWIN Identity API that wraps everything that you need to work with Application and External sign in cookies like bellow:

public class IdentityAuthenticationManager
{
    public IdentityAuthenticationManager();
    public IdentityAuthenticationManager(IdentityStoreManager storeManager);

    public string ClaimsIssuer { get; set; }
    public string RoleClaimType { get; set; }
    public IdentityStoreManager StoreManager { get; set; }
    public string UserIdClaimType { get; set; }
    public string UserNameClaimType { get; set; }

    public virtual void Challenge(HttpContextBase context, string authenticationType, string redirectUrl);
    public virtual Task CheckPasswordAndSignIn(HttpContextBase context, string userName, string password, bool isPersistent);
    public virtual Task CreateAndSignInExternalUser(HttpContextBase context, string loginProvider, IUser user);
    public virtual IEnumerable GetExternalAuthenticationTypes(HttpContextBase context);
    public virtual Task GetExternalIdentity(HttpContextBase context);
    public virtual Task> GetUserIdentityClaims(string userId, IEnumerable claims);
    public virtual Task LinkExternalIdentity(ClaimsIdentity id, string userId, string loginProvider);
    public virtual Task SignIn(HttpContextBase context, string userId, bool isPersistent);
    public virtual Task SignIn(HttpContextBase context, string userId, IEnumerable claims, bool isPersistent);
    public virtual Task SignInExternalIdentity(HttpContextBase context, ClaimsIdentity id, string loginProvider);
    public virtual void SignOut(HttpContextBase context);
    public virtual bool VerifyExternalIdentity(ClaimsIdentity id, string loginProvider);
}

And The following shows the login code for the ASP.NET MVC template:

[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task Login(LoginViewModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        // Validate the user password
        if (await AuthenticationManager.CheckPasswordAndSignIn(HttpContext, model.UserName, model.Password, model.RememberMe))
        {
            return RedirectToLocal(returnUrl);
        }
    }

    // If we got this far, something failed, redisplay form
    ModelState.AddModelError("", "The user name or password provided is incorrect.");
    return View(model);
}

For more information visit this.