I am trying to log users out if their security stamp changes, but SecurityStampValidatornever checks the security stamp.
By using the code from SecurityStampValidator.cs I have found that GetUserManager from this call var manager = context.OwinContext.GetUserManager<TManager>(); always returns null.
I am using Unity for Dependency Injection. See:
public void ConfigureAuth(IAppBuilder app)
{
CookieOptions = new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
ExpireTimeSpan = TimeSpan.FromHours(24),
Provider = new CookieAuthenticationProvider
{
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager, ApplicationUser>(
validateInterval: TimeSpan.FromSeconds(20),
regenerateIdentity: (manager, user) => user.GenerateUserIdentityAsync(manager, DefaultAuthenticationTypes.ApplicationCookie))
}
};
app.UseCookieAuthentication(CookieOptions);
}
.
unity.RegisterType<ApplicationSignInManager>(new HierarchicalLifetimeManager());
unity.RegisterType<ApplicationUserManager>(new HierarchicalLifetimeManager());
unity.RegisterType<IUserStore<ApplicationUser>, UserStore<ApplicationUser>>(new HierarchicalLifetimeManager());
Question: How do I inject the user manager correctly or wire up the OWIN context correctly?
