如何使用会话状态管理进行MVC自定义身份验证,授权和角色实现?

时间:2019-08-08 06:30:37

标签: asp.net-mvc authentication authorization session-state iprincipal

现在我的项目中实现的是表单身份验证(Forms Authentication)。但我需要把表单身份验证替换掉,改为配合 IPrincipal 使用会话状态管理。我不知道如何传递会话值来代替表单身份验证 Cookie,这个问题我一直无法解决。

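    namespace BMS.Web.FilterManager
    {
        /// <summary>
        /// Helpers for issuing the forms-authentication cookie that carries the user's profile.
        /// </summary>
        public class Helper
        {
            /// <summary>
            /// Serializes the user's profile into the UserData of a forms-authentication ticket,
            /// encrypts the ticket and adds it to the current response as the auth cookie.
            /// </summary>
            /// <param name="userDetails">Profile of the user whose data is stored in the ticket.</param>
            /// <exception cref="ArgumentNullException"><paramref name="userDetails"/> is null.</exception>
            public static void PersistUser(UserAndVesselSetupDto userDetails)
            {
                if (userDetails == null)
                {
                    throw new ArgumentNullException(nameof(userDetails));
                }

                // Everything placed in UserData travels inside the cookie on every request.
                // Keep it small and never put secrets or authorization decisions in it.
                string userData = JsonConvert.SerializeObject(new CustomPrincipalSerializeModel()
                {
                    UserId = userDetails.ID,
                    FirstName = userDetails.FirstName,
                    LastName = userDetails.LastName,
                    OrganisationId = userDetails.OrganisationId,
                    Email = userDetails.Email,
                    UserTypeId = userDetails.UserTypeId,
                    UserTypeDescription = userDetails.UserTypeDescription
                });

                HttpCookie authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];
                FormsAuthenticationTicket existing = TryDecryptTicket(authCookie);

                FormsAuthenticationTicket ticket;
                if (existing == null || existing.Expired)
                {
                    // No usable ticket (missing, unreadable or expired): issue a fresh one instead of
                    // copying an expiry that has already passed.
                    // NOTE(review): the ticket name is a display name ("First Last"), not a unique
                    // identifier; code that keys on Identity.Name should use UserId/Email instead.
                    DateTime issuedAt = DateTime.Now;
                    ticket = new FormsAuthenticationTicket(
                        1,
                        userDetails.FirstName + " " + userDetails.LastName,
                        issuedAt,
                        issuedAt.Add(FormsAuthentication.Timeout),
                        false,
                        userData);
                }
                else
                {
                    // Keep the lifetime of the current ticket and only swap the user data.
                    // NOTE(review): this keeps the old ticket's name even if userDetails belongs to a
                    // different user. If this method is also the sign-in path, always issue a fresh
                    // ticket at sign-in — confirm against callers.
                    ticket = new FormsAuthenticationTicket(
                        existing.Version,
                        existing.Name,
                        existing.IssueDate,
                        existing.Expiration,
                        existing.IsPersistent,
                        userData);
                }

                string encryptedTicket = FormsAuthentication.Encrypt(ticket);

                // A hand-built cookie does not pick up the <forms> settings automatically, so apply them here.
                var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
                {
                    HttpOnly = true,                          // keep the ticket out of reach of page script
                    Secure = FormsAuthentication.RequireSSL,  // honour requireSSL from configuration
                    Path = FormsAuthentication.FormsCookiePath
                };

                if (FormsAuthentication.CookieDomain != null)
                {
                    cookie.Domain = FormsAuthentication.CookieDomain;
                }

                // Only a persistent ticket gets an Expires date. A non-persistent ticket stays a
                // browser-session cookie and is not written to disk; the ticket's own expiration is
                // still enforced on the server.
                if (ticket.IsPersistent)
                {
                    cookie.Expires = ticket.Expiration;
                }

                // Must be added to the response, otherwise the updated UserData is lost.
                HttpContext.Current.Response.Cookies.Add(cookie);
            }

            /// <summary>
            /// Decrypts the auth cookie. Returns null when the cookie is missing or empty, or when
            /// decryption fails with one of the exceptions caught below.
            /// </summary>
            private static FormsAuthenticationTicket TryDecryptTicket(HttpCookie authCookie)
            {
                if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
                {
                    return null;
                }

                try
                {
                    return FormsAuthentication.Decrypt(authCookie.Value);
                }
                catch (ArgumentException)
                {
                    // Malformed or tampered cookie value: treat as "no ticket".
                    return null;
                }
                catch (System.Security.Cryptography.CryptographicException)
                {
                    // Validation or decryption failure, e.g. after a machine-key change.
                    return null;
                }
            }
        }
    }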

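namespace BMS.Web.Filter
{
    /// <summary>
    /// Principal that exposes the profile fields carried in the forms-authentication ticket.
    /// </summary>
    public class CustomPrincipal : ICustomPrincipal
    {
        /// <summary>
        /// Creates a principal with an unauthenticated identity. An empty-name
        /// <see cref="GenericIdentity"/> reports IsAuthenticated == false, so callers that read
        /// Identity.Name or Identity.IsAuthenticated do not hit a null reference.
        /// </summary>
        public CustomPrincipal()
        {
            Identity = new GenericIdentity(string.Empty);
        }

        /// <summary>
        /// Creates a principal whose identity name is <paramref name="email"/>.
        /// </summary>
        /// <param name="email">
        /// Value used as Identity.Name. NOTE(review): Application_PostAuthenticateRequest passes the
        /// ticket name here, which PersistUser sets to "FirstName LastName" for a new ticket, so it
        /// is not necessarily an e-mail address.
        /// </param>
        public CustomPrincipal(string email)
        {
            Identity = new GenericIdentity(email);
        }

        /// <summary>Identity of the current user; set only by the constructors.</summary>
        public IIdentity Identity { get; private set; }

        /// <summary>
        /// Role check. Always returns false, so every role-based check made through this principal
        /// (for example User.IsInRole) is denied.
        /// </summary>
        /// <param name="role">Role name being checked (currently ignored).</param>
        /// <returns>Always false.</returns>
        // NOTE(review): when roles are implemented, resolve them from a server-side source of truth
        // rather than from values that only describe the user for display.
        public bool IsInRole(string role)
        {
            return false;
        }

        // Profile values copied from the ticket's UserData on each request.
        public int UserId { get; set; }
        public string FirstName { get; set; }
        public string LastName { get; set; }
        public string Email { get; set; }
        public int UserTypeId { get; set; }
        public string UserTypeDescription { get; set; }
        public int OrganisationId { get; set; }
    }
}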

    namespace BMS.Web
    {
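            /// <summary>
            /// Rebuilds the <see cref="CustomPrincipal"/> for the current request from the
            /// forms-authentication cookie. The request's user is left as it is when the cookie is
            /// missing, unreadable or expired, or carries no user data.
            /// </summary>
            /// <param name="sender">Event source (unused).</param>
            /// <param name="e">Event data (unused).</param>
            protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
            {
                HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
                if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
                {
                    return;
                }

                FormsAuthenticationTicket authTicket;
                try
                {
                    authTicket = FormsAuthentication.Decrypt(authCookie.Value);
                }
                catch (ArgumentException)
                {
                    // Malformed or tampered cookie: stay unauthenticated instead of failing the request.
                    return;
                }
                catch (System.Security.Cryptography.CryptographicException)
                {
                    // Validation or decryption failure, e.g. after a machine-key change.
                    return;
                }

                // Decrypt() does not reject expired tickets. Without this check an expired cookie
                // would still produce an authenticated principal here.
                if (authTicket == null || authTicket.Expired || string.IsNullOrEmpty(authTicket.UserData))
                {
                    return;
                }

                CustomPrincipalSerializeModel loggedUser =
                    JsonConvert.DeserializeObject<CustomPrincipalSerializeModel>(authTicket.UserData);
                if (loggedUser == null)
                {
                    return;
                }

                HttpContext.Current.User = new CustomPrincipal(authTicket.Name)
                {
                    UserId = loggedUser.UserId,
                    FirstName = loggedUser.FirstName,
                    LastName = loggedUser.LastName,
                    OrganisationId = loggedUser.OrganisationId,
                    Email = loggedUser.Email,
                    UserTypeId = loggedUser.UserTypeId,
                    UserTypeDescription = loggedUser.UserTypeDescription
                };
            }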
        }  
    }

0 个答案:

没有答案