Adding an opt-in policy for redirecting if we already have a logged-in Principal.

[stevematney]

No description provided.

[jeremydmiller]

@stevematney,

I think you need to create an all new abstraction for the redirecting on being logged in. IAuthenticationRedirect is semantically a different concept altogether.

LoggedInUserRedirector -- you can't make the test by checking for the presence of an IPrincipal. Can you use IAuthenticationService instead here? There's a couple scenarios where IIS will stick a principal on that isn't ours and we might choose to use some kind of claims based authentication in the future and checking for the principal won't work in those scenarios.

LoggedInUserRedirectorTester -- do you know about InteractionContext? Coulda saved some code there.

Might be easier to use the [Filter(typeof( LoggedInUserRedirector))] attribute on the action for logging in. Right now, that policy isn't applied at all. Is that what you meant to do? My vote would be to go ahead and apply the filter, but register a nullo.

I'd really like to see an integration test for this behavior first.