YAF-从主页验证用户

Question

Specs:

• MVC 4 RAZOR
• C#
• IIS
• 7.5
• Using YAF - http://yetanotherforum.net/
• .NET 4

What's happening?

I have a site: http://www.mysite.com and at that site I have set up YAF and when a user visits http://www.mysite.com/forum they are taken to the forum.

What do I want?

When a user logs into my site, I want to create a cookie for them so that when the user visits http://www.mysite.com/forum they are automatically logged into the forum.

What have I done?

When the user registers on my site a YAF account is created for them (working fine). When the user logs into my site, I authenticate them and create a cookie but I also want to create a cookie for the forum so that the user does not have to log into the forum separately.

To create the cookie for the user I am doing this (so that YAF detects them as logged in):

    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddMinutes(30), true, "");
    var encryptedTicket = CookieHelper.EncryptTicket(ticket);
    var cookie = CookieHelper.CreateCookie(encryptedTicket, ".YAFNET_Authentication");
    cookie.Path = "/";
    cookie.HttpOnly = true;
    CookieHelper.AddCookie(cookie);

I am expecting to now be authenticated when I visit http://www.mysite.com/forum

Anybody have any words of wisdom?

--Rich

Answer 1

Nevermind...

Here is the solution:

Added a section to both web.config's with the same values. This allows the main website to create an encrypted session key for the login that the YAF site can decrypt. Put this within the section. Change the keys to a random 48-hex-character value of your own (I used RoboForm to generate my keys).

<machineKey validationKey="DBAEF98E532D4161826F8351C794DFD27C0F814262FD6986"
decryptionKey="DBAEF98E532D4161826F8351C794DFD27C0F814262FD6986"
validation="SHA1" decryption="AES" />

Answer found here: Log in YAF user

Hope it helps someone else one day.