Developer forum

Forum » Templates » Impersonate keeps previous logedin user when login with new one

Impersonate keeps previous logedin user when login with new one

E-mail notifications
Cátia Torego
Reply
Posted on 06/07/2020 11:32:19

I'm having an issue with impersonate. If i'm logedin with an user, and impersonating, if i logout and then login a diferent user the new user is impersonated by the previous logedin one.

For instance:

  • I am logedin with UserA impersonating UserB
  • I logout
  • Then i login with UserC
  • I get the UserA impersonating the UserC

Is this a bug or is there something that needs to be done to make sure the previous user is actually logedout? 

DW version  9.8.4

impersonate_settings.png

Replies

 
Nicolai Pedersen
Posted on 06/07/2020 11:40:29
Reply

When you are impersonating, you can log out the impersonated user or the impersonating user. If you only logout the impersonated user, then the impersonater is still logged in and also need to be logged out.

We have no known bug on this.

 
Cátia Torego
Posted on 06/07/2020 11:56:48
Reply

Thanks for the clarification Nicolai. 

But can you help me with how to make sure i logout from both? 

This is how i'm login out now /Admin/Public/ExtranetLogoff.aspx

 
Nuno Aguiar Dynamicweb Employee
Nuno Aguiar
Posted on 08/07/2020 13:10:48
Reply
This post has been marked as an answer

Hi Catia,

 

You may need to add a NotificationSubscriber. We did this for another project and worked well

 

using Dynamicweb.Extensibility.Notifications;
using Dynamicweb.Notifications;
using System.Web;
using Dynamicweb.Environment;

namespace Dna.AutoImpersonate.NotificationSubscribers
{
    [Subscribe(Standard.User.OnBeforeExtranetLogOff)]
    public class OnBeforeExtranetLogOff : NotificationSubscriber
    {
        public override void OnNotify(string notification, NotificationArgs args)
        {
            if (!(args is Standard.User.OnBeforeExtranetLogOffArgs userArgs))
            {
                return;
            }

            if (userArgs.User == null)
            {
                return;
            }
            
            var currentUser = userArgs.User;
            if (currentUser.CurrentSecondaryUser != null)
            {
                currentUser.CurrentSecondaryUser = null;
                RemoveImpersonateUserCookies();
            }
        }

        private static void RemoveImpersonateUserCookies()
        {
            RemoveCookie("DW_Extranet");
            RemoveCookie("DW_ExtranetSessionCookie");
        }

        private static void RemoveCookie(string cookieId)
        {
            var cookie = new Cookie(cookieId)
            {
                Value = HttpContext.Current.Request.Cookies[cookieId]?.ToString()
            };
            var extranetImpersonatedUserId = "DWExtranetImpersonateUserID";

            cookie[extranetImpersonatedUserId] = null;
            CookieManager.UpdateCookie(cookie);
        }
    }
}

 

Best Regards,

Nuno Aguiar

Votes for this answer: 1

 

You must be logged in to post in the forum