Search code examples
c#authenticationauthorizationnancy

Acquiring Windows user in NancyFx context

I'm being tasked with the creation of an intranet web application. It will eventually consist of a SPA Frontend (probably Angular) sitting on top of a NancyFx API.

Frankly I have absolutely zero experience using Windows users for Auth, and since it's generally not recommended (rightly so), it can be hard to find concrete information on this.

I want to authorize users based on the user that is sending each request. However, I have no idea how I can access user information from each request context in Nancy. I've had a look at doing:

public class IndexModule : NancyModule
{
    public IndexModule()
    {
        Get["/"] = parameters =>
        {
            var User = this.Context.CurrentUser;
            return View["index"];
        };
    }
}

Unfortunately, this.Context.CurrentUser never seems to be populated and is always null.

How can I populate each request context with a Windows User?

Alternatively, am I doing it wrong? What is the recommended way of dealing with Windows Users in Nancy? I've been researching this for over two days, and I'm quite nervous about telling my boss that I don't know how to handle this rather essential issue.

Solution

  • Nancy provides the NancyContext type to provide you with context within which the call takes place.

    Unfortunatelty Nancy does not contain the windows user out of the box. In fact, Nancy has no native knowledge of the IUserPrincipal type, which is what is typically used to represent windows identities.

    The good news is that Nancy does integrate with Owin, and Owin provides it's own context which does contain this information, and additionally this will get injected into the Nancy context at no extra cost!

    What you need to do to make this happen is install the Nancy.Owin nuget package and then make a call to the extention IAppBuilder.UseNancy() from the Owin "Startup" class:

    public class Startup
{
    public void Configuration(IAppBuilder app)
    {
        // other owin config here...

        // Register Nancy with Owin middleware...
        app.UseNancy();
    }
}

    This will then enable you to access the Owin environment from the NancyContext like this:

    var owinEnv = context.GetOwinEnvironment(); // context = your NancyContext
var windowsUser = (IPrincipal) owinEnv["server.User"];

    Alternatively, if you don't fancy Owin, you could do this instead: https://stackoverflow.com/a/28976742/569662