Get the current user after completing custom registration for MVC4 application

Question

I have an mvc4 forms application that uses the simple membership OOTB account controller. I have a view model for the application where I was successfully able to retrieve the username after completing registration as follows:

this.UserName = HttpContext.Current.User.Identity.Name;

At the point this was working my registration method was as follows:

try
            {
                WebSecurity.CreateUserAndAccount(model.UserName, model.Password, propertyValues: new
                {
                    //Form defined values
                    Forename = model.Forename,
                    Surname = model.Surname,
                    Email = model.Email,
                    Password = model.Password,
                    Answer = model.SecretAnswer,
                    DOB = model.DOB,

                    //Auto defined values
                    JoinDate = DateTime.Today,
                    LastLogin = DateTime.Now,
                    CompanyID = 5,
                    ParticipationPoints = 0,
                    Privacy = 0,
                    IsDeleted = 0,
                    ImageURL = "/Images/user-holder.jpg"

                });
                WebSecurity.Login(model.UserName, model.Password);
                return RedirectToAction("Index", "Home");
            }
            catch (MembershipCreateUserException e)
            {
                ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
            }

After consultation with my customer it was decided that to prevent anyone from just registering on the internet they should already be contained with the usertable with the username value found as a pre existing user. So after this the registration was changed to:

Controller

[HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult Register(RegisterModel model)
    {
        if (ModelState.IsValid)
        {
            avm.Username = model.UserName;
            avm.Forename = model.Forename;
            avm.Surname = model.Surname;
            avm.Email = model.Email;
            avm.Password = model.Password;
            avm.Answer = model.SecretAnswer;
            avm.DOB = model.DOB;

            avm.RegisterUser();
            if (avm.StatusCode == "Success")
            {
                return RedirectToAction("Index", "Home");
            }
            else
            {
                //ModelState.AddModelError("", ErrorCodeToString(avm.StatusCode));
                return View();
            }
       }
   }

ViewModel

try
        {
            this.dbcontext = new MyContext(System.Configuration.ConfigurationManager.ConnectionStrings["MyContext"].ConnectionString);

            userRepository = new Repository<MyUser>(dbcontext);

            //Step 1 - Check User is in user table.
            MyUser userCheck = userRepository.Get(u => u.Username == this.Username).ToList().FirstOrDefault();

            if (userCheck == null)
            {
                StatusCode = "NoUserError";
                return;
            }
            else
            {
                //Step 2 - Check user has not already registered
                if (userCheck.Password != null || userCheck.Answer != null)
                {
                    StatusCode = "AlreadyRegistered";
                    return;
                }
            }

            //Step 3 - Check the email is valid and the password confirms to password length.
            Regex expEmail = new Regex(@"^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$");
            if (!expEmail.IsMatch(this.Email))
            {
                StatusCode = "InvalidEmail";
                return;
            }

            if (this.Password.Length < 8)
            {
                StatusCode = "InvalidPassword";
                return;
            }

            //Encrypt the password to store in SQL Azure. It does not at this point have any encryption.
            EncryptionUtils encryptor = new EncryptionUtils();
            string encrytpedPassword = encryptor.Encrypt(this.Password);

            //Form defined fields
            userCheck.Username = this.Username;
            userCheck.Password = encrytpedPassword;
            userCheck.Forename = this.Forename;
            userCheck.Surname = this.Surname;
            userCheck.Email = this.Email;
            userCheck.Answer = this.Answer;
            userCheck.DOB = this.DOB;

            //Automatically defined values
            userCheck.JoinDate = DateTime.Today;
            userCheck.LastLogin = DateTime.Now;
            userCheck.CompanyID = 5;
            userCheck.RoleID = 3;
            userCheck.ParticipationPoints = 0;
            userCheck.Privacy = 0;
            userCheck.IsDeleted = false;
            userCheck.ImageURL = "/Images/user-holder.jpg";

            userRepository.Update(userCheck);
            userRepository.SaveChanges();

            StatusCode = "Success";
        }
        catch (Exception ex)
        {
            StatusCode = "Error";
            return;
        }

 }

Now when I hit the home controller I am not able to access the HttpContext.Current.User.Identity.Name value. Has the authenticated username been stored elsewhere due to the changes?

Answer 1

Authentication cookie must be issued after registration success. Try,

if (avm.StatusCode == "Success")
{
    FormsAuthentication.SetAuthCookie(model.UserName, false);
    return RedirectToAction("Index", "Home");
}

hope this helps.