SaaS CMS has officially launched! Learn more now.

Detect CMS login



Forgive me if this is a simple query or something I've missed.

I'm trying to record login activity for all CMS users. But I couldn't see any way to retrieve user login history, as there doesn't appear to be a global "OnUserLogin" event that I can hook into. And unless I'm mistaking, I don't think there is in the SqlMembershipProvider libary either.

Has anyone tackled this previously? I'd imagine it's a fairly regular use case to maintain a record of login history for auditing.


Edited, Oct 17, 2018 19:02

Login is not really part of the product so I think there is nothing built-in.

You could replace and disable the default login page and make your own where you log login history.

Another option is to add an INSERT statment to the appropriate aspnet_Membership_* stored procedure. I don't think they have ever been changed.

Oct 17, 2018 19:53

If you're using identity which is the OOTB providoer or even the owin provider with the standard CookingAuthenticationOptions there's an event you can hook in to for when a user logs int hat allows you to get the login of the user and the associated claims.

Check out the example below where the OnResponseSignIn = METHOD

 // Use cookie authentication
            app.UseCookieAuthentication(new CookieAuthenticationOptions
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString(LoginPath),
                Provider = new CookieAuthenticationProvider
                    // If the "/util/login.aspx" has been used for login otherwise you don't need it you can remove OnApplyRedirect.
                    OnApplyRedirect = cookieApplyRedirectContext =>
                        app.CmsOnCookieApplyRedirect(cookieApplyRedirectContext, cookieApplyRedirectContext.OwinContext.Get<ApplicationSignInManager<ApplicationUser>>());

                    // Enables the application to validate the security stamp when the user logs in.
                    // This is a security feature which is used when you change a password or add an external login to your account.
                    OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager<ApplicationUser>, ApplicationUser>(
                        validateInterval: TimeSpan.FromMinutes(30),
                        regenerateIdentity: (manager, user) => manager.GenerateUserIdentityAsync(user)),
                    OnResponseSignedIn = OnResponseSignedIn

Just create a method to handle this such as 

        /// <summary>
        /// Called when the user has signed in.
        /// </summary>
        /// <param name="cookieResponseSignedInContext">The cookie response signed in context.</param>
        private void OnResponseSignedIn(CookieResponseSignedInContext cookieResponseSignedInContext)
Edited, Oct 18, 2018 16:39
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.