views:

110

answers:

1

I am using DotNetOpenAuth in my ASP.Net Website. I have modified it to work with Facebook Connect as well, using the same methods and database structures. Now I have come across a problem.

I have added a Facebook Connect button to a login page. From that HTML button, I have to somehow pull information from the Facebook Connect connection and pass it into a method to authenticate the user. The way I am currently doing this is by:

  1. Calling a Javascript Function on the onlogin function of the FBML/HTML Facebook Connect button.
  2. The javascript function calls a Web service to login, which it does correctly.
  3. The web service calls my data access layer to login.
  4. And here is the problem: FormsAuthentication.SetAuthCookie is set at the data access layer. The Cookie is beyond the scope of the user's page and therefore is not set in the browser.

This means that the user is authenticated, but the user's browser is never notified.

So, I need to figure out if this is a bad way of doing what I need or if there is a better way to accomplish what I need. I am just not sure and have been trying to find answers for hours. Any help you have would be great.

A: 

Yes, it sounds like you are having a design crisis brought on by trying to do too much at one time/in one place.

If you break this operation up in to two calls from the client you will find your options opening up quite a bit. It might take some more work but ultimately the code will be less complex. <-- a good thing.

And in my opinion, the first clue pointing to a crisis of design would be when I said to myself "Self, having an authentication method buried two calls deep in my DAL is not working the way I would like...." lol.... I am joking and serious same time.

Good luck.

Sky Sanders