IAuthWithRequest requests don't need to clear sessions

mythz · mythz · commit fe71f6251cc6 · 2025-07-18T13:17:05.000+08:00
diff --git a/ServiceStack/src/ServiceStack/Auth/AuthenticateService.cs b/ServiceStack/src/ServiceStack/Auth/AuthenticateService.cs
@@ -503,12 +503,11 @@ private async Task<object> AuthenticateAsync(Authenticate request, string provid
             return null; //Just return sessionInfo if no provider or username is given
 
         var authFeature = GetPlugin<AuthFeature>();
-        if (authFeature?.HasSessionFeature == true)
+        if (authFeature?.HasSessionFeature == true && oAuthConfig is not IAuthWithRequest)
         {
             var generateNewCookies = authFeature.GenerateNewSessionCookiesOnAuthentication
                  //keep existing session during OAuth flow
                  && string.IsNullOrEmpty(Request.QueryString["oauth_token"]) 
-                 && string.IsNullOrEmpty(Request.QueryString["State"]) 
                  && string.IsNullOrEmpty(Request.QueryString["state"]);
 
             if (generateNewCookies)
diff --git a/ServiceStack/src/ServiceStack/Auth/BasicAuthProvider.cs b/ServiceStack/src/ServiceStack/Auth/BasicAuthProvider.cs
@@ -66,4 +66,9 @@ public virtual async Task PreAuthenticateAsync(IRequest req, IResponse res)
             }).ConfigAwait();
         }
     }
+
+    protected override Task<IAuthSession> ResetSessionBeforeLoginAsync(IServiceBase authService, IAuthSession session, string userName, CancellationToken token=default)
+    {
+        return Task.FromResult(session);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -66,4 +66,9 @@ public virtual async Task PreAuthenticateAsync(IRequest req, IResponse res)`
`66`	`66`	`}).ConfigAwait();`
`67`	`67`	`}`
`68`	`68`	`}`
	`69`	`+`
	`70`	`+ protected override Task<IAuthSession> ResetSessionBeforeLoginAsync(IServiceBase authService, IAuthSession session, string userName, CancellationToken token=default)`
	`71`	`+ {`
	`72`	`+ return Task.FromResult(session);`
	`73`	`+ }`
`69`	`74`	`}`