I’m working on two separated web projects, but use same authentication scenario for both of them.
Here is a part of my login code:
public void Login(string username, string password, bool staySignedIn)
{
if (this.IsLockedOut(username))
{
this._view.ShowMessage("Your account has been locked!");
return;
}
else if (!this.IsApproved(username))
{
if (!string.IsNullOrEmpty(this.webContext.CurrentUserID))
{
this.membershipService.ChangeApprove(this.webContext.CurrentUserIdFromQuery);
this.DoLogin(username, password, staySignedIn);
}
else
this._view.ShowMessage("Your account is not activated yet");
}
else
this.DoLogin(username, password, staySignedIn);
}
private void DoLogin(string username, string password, bool staySignedIn)
{
try
{
FormsAuthentication.SetAuthCookie(username, staySignedIn);
if (!string.IsNullOrEmpty(this.webContext.GetReturnUrl))
this.redirector.GotoUrl(this.webContext.GetReturnUrl);
else this.redirector.GotoProfileDefault();
}
catch (Exception ex)
{
this.logger.PrintToLogFile(ex, false);
this._view.ShowMessage("Some error code");
}
}
In project1, I have 3 users: user1, user2 and user3 and no user in project2 . My problem is: when I login to web project1 as user1, if web project2 is view in browser, it shows me logged in too as user1 with same user data in project1.Some thing like I login in both webs. and I don’t know why. May you please give me any suggestion?
I suppose the web projects are running in localhost. Am I wrong? I suppose you access to test requesting this url
http://localhost:XXXxSo as you have stored a login cookie for one website, if the other runs in localhost domain too, this site checks the cookie you already have.I advice you remove sessions and cookies before test each site.
Other good way is create fake domains in your local web server, and edit hosts file to point the domains to 127.0.0.1 and test the sites writing in navigator each and different fake domain