API
Version 7.x > API > CMSContext.IsAuthenticated() View modes: 
User avatar
Member
Member
seanbun - 11/5/2013 6:32:04 PM
   
CMSContext.IsAuthenticated()
I am a bit confusing about the
AuthenticationHelper.AuthenticateUser(username, password, sitename, true);
and
CMSContext.AuthenticateUser(username, false);

Scenario 1

I tried to use

AuthenticationHelper.AuthenticateUser(username, password, sitename, true);

but it still return false when I execute

CMSContext.IsAuthenticated().

Scenario 2

I use below line to authenticate username/password and login a user without creating persistent cookie.
CMSContext.AuthenticateUser(username, false);

And I tried to logout a user as below
CMSContext.LogoutUser();

After execute about line, I found it still returned TRUE when I run
CMSContext.IsAuthenticated().

I would expect to return false since the user has been logout

What are the differences between these 2 authentication methods? Is there any properties I have missed for both approaches?

User avatar
Member
Member
bryanallott - 11/5/2013 11:46:28 PM
   
RE:CMSContext.IsAuthenticated()
Try this, I use this pattern for on-the-fly authentications.

1. Authenticate the user
2. Check the result of the user authentication
3. Sign-in the user against the current CMS context

For example:
UserInfo ui = AuthenticationHelper.AuthenticateUser(txtUsername.Text.Trim(), txtPsswd1.Text, CMSContext.CurrentSiteName, false);
if (ui == null)
{
//display error, login failed
return false;
} else {
CMSContext.AuthenticateUser(ui.UserName, false);
return true;
}

The one is an authentication of credentials, the other is a sign-in; from what I can tell, use both.

User avatar
Member
Member
seanbun - 11/6/2013 12:32:41 AM
   
RE:CMSContext.IsAuthenticated()
Thanks a lot, Bryan.

I am sure this line would let me login a user.

CMSContext.AuthenticateUser(ui.UserName, false);

But do you know what is the last boolean parameter for on below line? I would expect we don't need to execute the first line anymore if we set it to true. Just wonder if this is a bug.

UserInfo ui = AuthenticationHelper.AuthenticateUser(txtUsername.Text.Trim(), txtPsswd1.Text, CMSContext.CurrentSiteName, false);


By the way, how do you do logout?

User avatar
Member
Member
bryanallott - 11/6/2013 12:55:55 AM
   
RE:CMSContext.IsAuthenticated()
I think the login parameter overrides a locked out account and resets the invalidlogin attempts.. ?

For logout, have a look at the code under:
/CMSWebParts/Membership/Logon/SignOutButton.ascx

There a few things you need to check on logout. I try use this webpart/control as much as possible but otherwise copy-paste :)

User avatar
Member
Member
support-kentico - 11/6/2013 1:03:44 AM
   
RE:CMSContext.IsAuthenticated()
Hello,

The last parameter indicates if method is called during the user login. You can however use overloaded 3 parameters method so it would be like this:
CMS.CMSHelper ► AuthenticationHelper ► AuthenticateUser(userName , password , siteName )

The forth parameter is optional and it doesnt need to be used. The source of this information is from our API reference, you can check it out too -> http://devnet.kentico.com/docs/kenticocms_api.zip

Kind regards,
Richard Sustek

User avatar
Member
Member
seanbun - 11/6/2013 7:06:26 AM
   
RE:CMSContext.IsAuthenticated()
Hi Richard,

Could you clarify the is the purpose of the fourth parameter? API does not explain in details.

and also the question about logout. Please read the first post.

User avatar
Certified Developer 10
Certified Developer 10
josha-bpstudios - 11/6/2013 3:25:00 PM
   
RE:CMSContext.IsAuthenticated()
I have used CMSContext.AuthenticateUser(username, true); and it has logged me in before. I have a webpart that sends a user to a url that autologs them im, and this is part of the code that does it. Try setting the second parameter to true and see if that works.

User avatar
Kentico Consulting
Kentico Consulting
Kentico_RichardS - 11/7/2013 4:00:43 AM
   
RE:CMSContext.IsAuthenticated()
Hi,

It is indicating if the method is called during User login. I believe this is used internally when user uses login form to authenticate.

Let us know for further assitance.

Kind regards,
Richard Sustek