ASP.NET - Validate a user without logging them in?

Is it possible to validate a user's Username + Password w开发者_StackOverflow中文版ithout logging them in? I understand a usual login block will look like this:

if (!Page.IsValid)
 return;

if (Membership.ValidateUser(UsernameInput.Text, PasswordInput.Text))
{
    FormsAuthentication.RedirectFromLoginPage(UsernameInput.Text, false);
}
else { [...] }

With the Membership.ValidateUser() call setting the cookie for the response.

However, there are some additional checks I'd like to perform after the password is confirmed. (Pulling out an expiry date for that user, for example).

Is there a way to do it without just calling FormsAuthentication.SignOut(); after invalidating the page?

I think your assumption that Membership.ValidateUser is setting the cookie is wrong. I don't believe it sets cookies.

FormsAuthentication.RedirectFromLoginPage sets the cookie.

Think about it from a separation of concerns standpoint:

Membership is where you store your users and password, but it really doesn't know anything about the web or cookies.

Forms Authentication is the technology that keeps a user logged into a website but doesn't care how you determine if that user is valid. All it cares about is having a username and setting/reading cookies, so that the user doesn't have to log in with every request.