An example OWIN middleware that deciphers a Nancy forms auth cookie and puts a ClaimsPrincipal in the OWIN environment. This allows you authenticate a user with Nancy's Forms Authentication, and be able to identify that user in other middleware or frameworks, such as signalr.
Parts of note:
- The Startup class where we externally configure Nancy's Forms Auth crypto. We need this configuration in Nancy to encrypt the cookies and in our middleware to decypt it. Read more on Nancy's crypto.
- I use ClaimsPrincipal in the middleware and share that with the other owin middleware via "server.User" key. This is in line with other OWIN security middleware and povides compatiblity with frameworks that are aware of this.
- You need to provide an implementation of IClaimsPrincipalLookup to convert the Nancy guid user id stored in the nancy auth cookie to a ClaimsPrincipal to be stored in the owin environment dictionary.
- While you can still use Nancy's Context.CurrentUser within your Nancy app, there is an extension method to get the ClaimsPrincipal : Context.GetClaimsPrincipal()
Suggestions, feedback, pull requests welcome.
For now, you'll have to copy/paste the projects / code. If there is enough interest, then I'll create a NuGet package.