public RequireAuthenticationFilter(
IApplicationRuntimeSettings applicationRuntimeSettings,
IBaseUrlGenerator baseUrlGenerator,
IAuthenticateServiceEndpoint authenticateServiceEndpoint,
ISessionGetter sessionGetter,
IAuthenticationSessionContants contants)
{
_applicationRuntimeSettings = applicationRuntimeSettings;
_baseUrlGenerator = baseUrlGenerator;
_authenticateServiceEndpoint = authenticateServiceEndpoint;
_sessionGetter = sessionGetter;
_contants = contants;
}
public RequireAuthenticationFilter(
IApplicationRuntimeSettings applicationRuntimeSettings,
IBaseUrlGenerator baseUrlGenerator,
IAuthenticateServiceEndpoint authenticateServiceEndpoint,
ISessionGetter sessionGetter,
IAuthenticationSessionContants contants)
{
_applicationRuntimeSettings = applicationRuntimeSettings;
_baseUrlGenerator = baseUrlGenerator;
_authenticateServiceEndpoint = authenticateServiceEndpoint;
_sessionGetter = sessionGetter;
_contants = contants;
}
public AuthenticateServiceEndpoint(
IServiceEndpointBootstrapper <UsernamePassword, ServiceResponse> bootstrapper,
IUserRepository userRepository,
IFormDataReader formDataReader,
IPostHttpMethod postHttpMethod,
ISessionGetter sessionGetter,
IAuthenticationSessionContants contants)
{
bootstrapper.Bootstrap(this, postHttpMethod, "authenticate",
(HttpContext httpContext, List <string> messages, out UsernamePassword request) =>
{
Dictionary <string, string> formData;
if (formDataReader.ReadFormData(httpContext.HttpRequest.InputStream, messages, out formData) == false)
{
request = null;
return(false);
}
request = new UsernamePassword
{
Username = formData["username"],
Password = formData["password"]
};
if (request.Username != null)
{
request.Username = request.Username.Trim();
}
return(true);
},
perform: (httpContext, request) =>
{
ServiceResponse serviceResponse;
var session = sessionGetter.GetSession(httpContext);
if (session[contants.Authenticated] == true.ToString())
{
serviceResponse = new ServiceResponse
{
Success = true,
Messages = new List <string> {
"Already authenticated"
}
};
}
else if (userRepository.Authenticate(request.Username, request.Password))
{
session[contants.Username] = request.Username;
session[contants.Authenticated] = true.ToString();
serviceResponse = new ServiceResponse
{
Success = true,
Messages = new List <string> {
"Successfully authenticated"
}
};
}
else
{
httpContext.HttpResponse.HttpStatusCode = HttpStatusCode.Forbidden;
serviceResponse = new ServiceResponse
{
Success = false,
Messages = new List <string> {
"Invalid username or password"
}
};
}
var returnUrl = session[contants.ReturnUrl];
if (serviceResponse.Success && returnUrl != null)
{
session.Remove(contants.ReturnUrl);
httpContext.HttpResponse.HttpStatusCode = HttpStatusCode.Redirect;
httpContext.HttpResponse.Headers.Add("Location:", returnUrl);
}
return(serviceResponse);
},
validate: (request, messages) =>
{
if (string.IsNullOrWhiteSpace(request.Username))
{
messages.Add("No 'username' is set.");
return(false);
}
return(true);
},
requestFailureHandler: (httpContext, requestFailedAt, messages, request) =>
{
httpContext.HttpResponse.HttpStatusCode = HttpStatusCode.Forbidden;
var serviceResponse = new ServiceResponse
{
Success = false,
Messages = new List <string>()
};
serviceResponse.Messages.AddRange(messages);
return(serviceResponse);
});
}
