
How to authenticate a registered user using OWIN & Identity?

I have two projects, MVC web app and a web service. In the MVC web app I have a controller called 'Account'. In 'Account' there is an action called 'Login'. The 'Login' action gets the Authentication Manager from the request. The 'Login' action calls the web service to identify if the user exists. If the user exists, the web service will return 'ClaimsIdentity' for that specific user. The 'Login' action will then use the authentication manager and the claims identity to sign the user in.

After this, the user is not signed/authenticated. I know this because User.Identity.Name is blank and User.Identity.IsAuthenticated is false. Need explanation of why this is happening and what I can do to solve the issue. There are no build-time or run-time errors. I need the web service to perform ALL calls to the database.

Account.Login Code

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult LogIn(LoginModel model)
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }

        var authManager = GetAuthenticationManager();

        var loginFeedback = _webService.Login(model);

        if (loginFeedback.Success)
        {
            authManager.SignIn(loginFeedback.Identity);
            return RedirectToAction("Index", "Home");
        }
        else
        {
            ModelState.AddModelError("", loginFeedback.FeedbackMessage);
            return View(model);
        }
    }

GetAuthenticationManager

    private IAuthenticationManager GetAuthenticationManager()
    {
        var context = Request.GetOwinContext();
        return context.Authentication;
    }

Web Service Login

    public LoginFeedbackDto Login(LoginModel loginModel)
    {
        var dto = new LoginFeedbackDto();

        // Dispose the user manager even if a call below throws.
        using (var userManager = GetUserManager())
        {
            // Find returns null when the email/password pair does not match.
            var user = userManager.Find(loginModel.Email, loginModel.Password);

            if (user == null)
            {
                dto.Success = false;
                dto.FeedbackMessage = @"Invalid email or password.";
                return dto;
            }

            string status = user.Status.ToLower();

            if (status == "invalid")
            {
                dto.Success = false;
                dto.FeedbackMessage = @"This account has not been activated.";
            }
            else if (status == "rejected")
            {
                dto.Success = false;
                dto.FeedbackMessage = @"This account has been rejected.";
            }
            else if (status != "processed")
            {
                // Any status other than the three known values.
                dto.Success = false;
                dto.FeedbackMessage = @"We are unable to log you in due to a technical issue.";
            }
            else
            {
                dto.Success = true;
                dto.Identity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
            }
        }

        return dto;
    }

What is happening here is the identity you are creating is being 'lost' on the RedirectToAction.
You could make use of CookieMiddleware, which can create a cookie representing the current user.
You will need an OWIN startup class which will need code something like the following.
Make sure 'SelfIssue' is the same AuthenticationType that your web service sets the ClaimsIdentity.AuthenticationType to.

    public const string SelfIssue = "Self-Issue";

    public void Configuration(IAppBuilder app)
    {
        app.SetDefaultSignInAsAuthenticationType(SelfIssue);
        app.UseCookieAuthentication(new CookieAuthenticationOptions { AuthenticationType = SelfIssue });
    }
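
The following is an added example, not part of the original question or answer: a startup class whose cookie middleware uses the same authentication type the web service passes to `CreateIdentity` on this page, with hardened cookie settings, plus a sign-in helper that fails closed when the identity returned by the service is unusable. The `WebApp` namespace, the `SignInHelper` class, the `/Account/LogIn` path, the 30-minute lifetime and an HTTPS-only site are assumptions.

```csharp
using System;
using System.Security.Claims;
using Microsoft.AspNet.Identity;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Security.Cookies;
using Owin;

[assembly: OwinStartup(typeof(WebApp.Startup))]

namespace WebApp // hypothetical namespace
{
    public class Startup
    {
        // Must equal the type the web service passes to CreateIdentity.
        public const string AuthType = DefaultAuthenticationTypes.ApplicationCookie;

        public void Configuration(IAppBuilder app)
        {
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = AuthType,
                LoginPath = new PathString("/Account/LogIn"), // assumed route
                CookieHttpOnly = true,                    // not readable from script
                CookieSecure = CookieSecureOption.Always, // assumes HTTPS everywhere
                ExpireTimeSpan = TimeSpan.FromMinutes(30), // assumed lifetime
                SlidingExpiration = true
            });
        }
    }

    public static class SignInHelper // hypothetical helper
    {
        // Returns false instead of issuing a cookie for an unusable identity.
        public static bool TrySignIn(IAuthenticationManager authManager, ClaimsIdentity fromService)
        {
            if (fromService == null) return false;

            // Rebuild locally so the authentication type is the one the cookie
            // middleware handles, whatever survived the service round trip.
            var identity = new ClaimsIdentity(fromService.Claims, Startup.AuthType,
                fromService.NameClaimType, fromService.RoleClaimType);

            if (!identity.IsAuthenticated || string.IsNullOrEmpty(identity.Name)) return false;

            authManager.SignIn(new AuthenticationProperties { IsPersistent = false }, identity);
            return true;
        }
    }
}
```

In the `LogIn` action, `SignInHelper.TrySignIn(authManager, loginFeedback.Identity)` would take the place of the direct `authManager.SignIn` call, with a model error added when it returns false.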
