I'm implementing Facebook authentication in an ASP.NET 5 MVC 6 application.
I was told the strategy in MVC 4/5 for handling new users was to create a temp cookie and allow anonymous access to the registration page. This way, when we get the user data from Facebook, we can temporarily save it in a temp cookie and once the registration is completed, destroy the temp cookie and create a regular one.
I'm not sure if there's a different strategy in ASP.NET 5. I've been through this article but it doesn't cover the part about registration: https://docs.asp.net/en/latest/security/authentication/sociallogins.html
My question is how do I name a cookie to something like "tempCookie" which should be different than my regular cookie? Also how do I look for my tempCookie once the user is on the sign up page. Obviously, on the sign up page, I need to also make sure that the tempCookie exists. If not, I need to redirect the user to the login page. This is where I need some help.
I use the following code to create a cookie, but not sure about how to name it and how to search for the temp cookie once on the registration page:
await HttpContext.Authentication.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, myClaims)