• Toll-free  888-665-8637
  • International  +1 717-220-0012
Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

DezTech
#1 Posted : Tuesday, March 8, 2016 3:54:19 PM(UTC)
DezTech

Rank: Member

Joined: 6/4/2004(UTC)
Posts: 58

Hello! I have the following setup...

1) http://my.webapp.com/
Custom webapp that interacts with BV data via API.

2) http://my.webapp.com/shop/
My BVC installation that the user will eventually get to after doing a few things on the above homepage.

I have my custom webapp authenticating users via the UserAccount.ValidateUser(...) method, but how can I create the appropriate session variable and/or cookie so that when the user later gets to the actual BVC storefront they are already logged in?

Would I need my own cookie that I would need to customize BV to read and re-authenticate in the background or is there another easier way that I'm missing? All ideas appreciated...

Thanks,
-Aaron
Steve95
#2 Posted : Wednesday, March 9, 2016 7:08:27 AM(UTC)
Steve95

Rank: Member

Joined: 4/29/2010(UTC)
Posts: 256

Thanks: 4 times
Was thanked: 11 time(s) in 10 post(s)
To set the cookie you just need to call SessionManager.SetCurrentUserId(u.Bvin, True) this should be Ok depending upon your cookie setup as you are on the same domain. You may need to add a few small tweeks under BvAdmin > Options > Security

If you need to go cross domain then you will have to impliment some form of server side single sign on.
Aaron
#3 Posted : Wednesday, March 9, 2016 11:53:44 AM(UTC)
Aaron

Rank: Administration

Joined: 4/2/2004(UTC)
Posts: 2,393
United States
Location: Hummelstown, PA

Thanks: 6 times
Was thanked: 163 time(s) in 158 post(s)
Originally Posted by: DezTech Go to Quoted Post
I have my custom webapp authenticating users via the UserAccount.ValidateUser(...) method...

Are you using the web services API or are you using the BVC Core assembly?

Originally Posted by: DezTech Go to Quoted Post
...how can I create the appropriate session variable and/or cookie so that when the user later gets to the actual BVC storefront they are already logged in?

Originally Posted by: Steve95 Go to Quoted Post
To set the cookie you just need to call SessionManager.SetCurrentUserId(u.Bvin, True)...

This will only work if you're using the BVC Core assembly, not the web services API. Note that the Boolean parameter to that function sets whether the site should keep the user logged in on subsequent visits to the site.

If you are using the web services API you will need to set the login cookie manually. You can get the cookie name by going to Options >> Site Settings >> Users in the admin and looking at the value of the "User ID Cookie Name" setting. The default value is "Bvc5UserID". Once you have the cookie name value you just set the cookie value to the user's bvin.



Aaron Sherrick
BV Commerce
Toll-free 888-665-8637 - Int'l +1 717-220-0012
Steve95
#4 Posted : Wednesday, March 9, 2016 12:37:17 PM(UTC)
Steve95

Rank: Member

Joined: 4/29/2010(UTC)
Posts: 256

Thanks: 4 times
Was thanked: 11 time(s) in 10 post(s)
Just a note Aaron's answer is also dependent upon the cookie you are creating is within the same domain.

To create the cookie manually have a look though BVsoftware.Bvc5.Core > SessionManager.SetCookieString for an example on how BV accomplishes this
DezTech
#5 Posted : Tuesday, March 15, 2016 10:54:46 AM(UTC)
DezTech

Rank: Member

Joined: 6/4/2004(UTC)
Posts: 58

Originally Posted by: Aaron Go to Quoted Post
Are you using the web services API or are you using the BVC Core assembly?

I'm using the core assembly.

Originally Posted by: Steve95 Go to Quoted Post
To set the cookie you just need to call SessionManager.SetCurrentUserId(u.Bvin, True)...

This is what I tried and it doesn't appear to be setting the login cookie (I think it's only setting a session var), but the BVCartId is written. Moreover, looking at cookies saved by the standard bvc store installation I still don't see a cookie being saved strictly for logging in (using the login form withOUT the RememberMe checkbox). The only cookie being saved is the BVUserID for the RememberMe checkbox when I do select that option.

Would I still need to make adjustments to the Admin -> Options -> Security page being that both apps are on the same domain and the BVC installation is just in a /shop/ App subfolder? The ASP.NET_SessionId cookie value is even the same when viewing pages in each application so I'm thinking even session vars could be potentially shared, but logging into my root application still doesn't show me as logged into the BVC store.

Thanks for the help so far and hopefully this is just something simple that I'm missing.
-Aaron
Aaron
#6 Posted : Tuesday, March 15, 2016 12:26:36 PM(UTC)
Aaron

Rank: Administration

Joined: 4/2/2004(UTC)
Posts: 2,393
United States
Location: Hummelstown, PA

Thanks: 6 times
Was thanked: 163 time(s) in 158 post(s)
Originally Posted by: DezTech Go to Quoted Post
Originally Posted by: Steve95 Go to Quoted Post
To set the cookie you just need to call SessionManager.SetCurrentUserId(u.Bvin, True)...

This is what I tried and it doesn't appear to be setting the login cookie (I think it's only setting a session var), but the BVCartId is written. Moreover, looking at cookies saved by the standard bvc store installation I still don't see a cookie being saved strictly for logging in (using the login form withOUT the RememberMe checkbox). The only cookie being saved is the BVUserID for the RememberMe checkbox when I do select that option.

Right. You need to have the 'remember users' setting enabled on the Options >> Site Settings >> Security page and check the "Remember Me" checkbox when logging in. That will set the cookie.

Originally Posted by: DezTech Go to Quoted Post
Would I still need to make adjustments to the Admin -> Options -> Security page being that both apps are on the same domain and the BVC installation is just in a /shop/ App subfolder? The ASP.NET_SessionId cookie value is even the same when viewing pages in each application so I'm thinking even session vars could be potentially shared, but logging into my root application still doesn't show me as logged into the BVC store.

If the root website and the BVC store in /shop are running as separate IIS applications (even if they're using the same app pool), session data will not be shared. That's why you need to configure the settings as I mentioned above so that the cookie is set (and the cookie can be accessed across applications).
Aaron Sherrick
BV Commerce
Toll-free 888-665-8637 - Int'l +1 717-220-0012
Steve95
#7 Posted : Tuesday, March 15, 2016 12:33:41 PM(UTC)
Steve95

Rank: Member

Joined: 4/29/2010(UTC)
Posts: 256

Thanks: 4 times
Was thanked: 11 time(s) in 10 post(s)
Just at add to Aarons response this would normally be done by adding a dot in front of the domain if you were setting up programmatically e.g. .my.webapp.com

With the setup you could so share the cookie with subdomains as well, should the need arise.
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

©2024 Develisys. All rights reserved.
  • Toll-free  888-665-8637
  • International  +1 717-220-0012