Identity: Difference between User.Identity.IsAuthenticated and SignInManager.IsSignedIn(User)?

Created on 11 Sep 2017  路  2Comments  路  Source: aspnet/Identity

What's the difference between User.Identity.IsAuthenticated and using like SignInManager.IsSignedIn(User)? Is there any?

Why I'm asking - I'm not a huge fan of the new @inject keyword in Razor, mostly because of the same reasons why a lot of the JS frameworks are trending towards a unidirectional data flow. So in the template, in /Shared/_LoginPartial I want to replace: @inject SignInManager<ApplicationUser> SignInManager and SignInManager.IsSignedIn(User) with something that doesn't use the inject keyword and was thinking about User.Identity.IsAuthenticated.

I looked through the source code of IsSignedIn and nothing stood out. In my testing this appears to work fine. Just wondering if there are some edge cases I'm not realizing.

Basically I want to turn this:

@inject SignInManager<ApplicationUser> SignInManager
@inject UserManager<ApplicationUser> UserManager

@if (SignInManager.IsSignedIn(User))
{
    <form asp-area="" asp-controller="Account" asp-action="Logout" method="post" id="logoutForm" class="navbar-right">
        <ul class="nav navbar-nav navbar-right">
            <li>
                <a asp-area="" asp-controller="Manage" asp-action="Index" title="Manage">Hello @UserManager.GetUserName(User)!</a>
            </li>
            <li>
                <button type="submit" class="btn btn-link navbar-btn navbar-link">Log out</button>
            </li>
        </ul>
    </form>
}
else
{
    <ul class="nav navbar-nav navbar-right">
        <li><a asp-area="" asp-controller="Account" asp-action="Register">Register</a></li>
        <li><a asp-area="" asp-controller="Account" asp-action="Login">Log in</a></li>
    </ul>
}

Into this:

@if (User.Identity.IsAuthenticated)
{
    <form asp-area="" asp-controller="Account" asp-action="Logout" method="post" id="logoutForm" class="navbar-right">
        <ul class="nav navbar-nav navbar-right">
            <li>
                <a asp-area="" asp-controller="Manage" asp-action="Index" title="Manage">Hello @User.Identity.Name!</a>
            </li>
            <li>
                <button type="submit" class="btn btn-link navbar-btn navbar-link">Log out</button>
            </li>
        </ul>
    </form>
}
else
{
    <ul class="nav navbar-nav navbar-right">
        <li><a asp-area="" asp-controller="Account" asp-action="Register">Register</a></li>
        <li><a asp-area="" asp-controller="Account" asp-action="Login">Log in</a></li>
    </ul>
}

Most helpful comment

User.IsAuthenticated will work even if the current user identity doesn't come from ASP.NET identity (for example a bearer token, or Integrated authentication). SignInManager is Identity only.

All 2 comments

User.IsAuthenticated will work even if the current user identity doesn't come from ASP.NET identity (for example a bearer token, or Integrated authentication). SignInManager is Identity only.

Ok - so for my purposes I should be good then.

Thanks for the ridiculously fast response @blowdart!

Was this page helpful?
0 / 5 - 0 ratings

Related issues

PaulRReynolds picture PaulRReynolds  路  4Comments

marcuslindblom picture marcuslindblom  路  6Comments

trailmax picture trailmax  路  6Comments

jholovacs picture jholovacs  路  4Comments

richerp picture richerp  路  9Comments