Merge branch 'chunk-backend-user-cookie' of https://github.com/philipdanielhayton/Our-Umbraco-TagHelpers into philipdanielhayton-chunk-backend-user-cookie

Warren Buckley · Warren Buckley · commit ccfcac11bc6f · 2023-03-17T11:19:42.000Z
# Conflicts:
#	Our.Umbraco.TagHelpers/Services/BackofficeUserAccessor.cs
Co-authored-by: philipdanielhayton
diff --git a/Our.Umbraco.TagHelpers/Services/BackofficeUserAccessor.cs b/Our.Umbraco.TagHelpers/Services/BackofficeUserAccessor.cs
@@ -1,5 +1,4 @@
-﻿using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Authentication.Cookies;
+﻿using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Extensions.Options;
 using System.Security.Claims;
@@ -26,6 +25,11 @@ public BackofficeUserAccessor(
             _httpContextAccessor = httpContextAccessor;
         }
 
+
+        /// <summary>
+        /// Updated to use ChunkingCookieManager as per Sean Maloney's answer on our.umbraco.com
+        /// https://our.umbraco.com/forum/umbraco-9/106857-how-do-i-determine-if-a-backoffice-user-is-logged-in-from-a-razor-view#comment-341847
+        /// </summary>
         public ClaimsIdentity BackofficeUser
         {
             get
@@ -35,17 +39,18 @@ public ClaimsIdentity BackofficeUser
                 if (httpContext == null)
                     return new ClaimsIdentity();
 
-                CookieAuthenticationOptions cookieOptions = _cookieOptionsSnapshot.Get(global::Umbraco.Cms.Core.Constants.Security.BackOfficeAuthenticationType);
-                string? backOfficeCookie = httpContext.Request.Cookies[cookieOptions.Cookie.Name!];
+                var cookieOptions = _cookieOptionsSnapshot.Get(global::Umbraco.Cms.Core.Constants.Security.BackOfficeAuthenticationType);
+                var cookieManager = new ChunkingCookieManager();
+                var backOfficeCookie = cookieManager.GetRequestCookie(httpContext, cookieOptions.Cookie.Name!);
 
                 if (string.IsNullOrEmpty(backOfficeCookie))
                     return new ClaimsIdentity();
 
-                AuthenticationTicket? unprotected = cookieOptions.TicketDataFormat.Unprotect(backOfficeCookie!);
-                ClaimsIdentity? backOfficeIdentity = unprotected?.Principal.GetUmbracoIdentity();
+                var unprotected = cookieOptions.TicketDataFormat.Unprotect(backOfficeCookie!);
+                var backOfficeIdentity = unprotected?.Principal.GetUmbracoIdentity();
 
                 return backOfficeIdentity ?? new ClaimsIdentity();
             }
         }
     }
-}
+}
