public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
        {
            cancellationToken.ThrowIfCancellationRequested();

            var request = context?.Request;
            var cookies = request?.Headers.GetCookies().Where(cookie => cookie.HttpOnly == (cookie.Secure && request.RequestUri.Scheme == Uri.UriSchemeHttps)).SelectMany(cookieBag => cookieBag.Cookies);
            var authenticationCookie = cookies?.FirstOrDefault(cookie => cookie.Name == AUTHENTICATION_COOKIE_NAME);
            var token = authenticationCookie?.Value;

            var cacheKey = BuildCacheKey(token);
            var cache    = HttpContext.Current.Cache;

            var cachedUser = cache.Get(cacheKey) as CustomIdentity;

            if (token != null)
            {
                if (cachedUser == null)
                {
                    var config      = new SiteConfiguration();
                    var accountRepo = PersistenceFactory.GetAccountRepo(config);
                    var user        = accountRepo.GetAccountByRecentToken(token);
                    if (user != null)
                    {
                        var customIdentity = new CustomIdentity(user.Username, user.Email, user.AuthToken);
                        context.Principal = new GenericPrincipal(customIdentity, new string[] { });
                        cache.Insert(cacheKey, customIdentity);
                    }
                    else
                    {
                        context.ErrorResult = new UnauthorizedResult(new AuthenticationHeaderValue[] { }, context.Request);
                    }
                }
            }

            if (!(context.Principal?.Identity is CustomIdentity))
            {
                context.ErrorResult = new UnauthorizedResult(new AuthenticationHeaderValue[] { }, context.Request);
            }

            return(Task.FromResult(0));
        }
Beispiel #2
0
 public AccountController()
 {
     AccountRepo = PersistenceFactory.GetAccountRepo(new SiteConfiguration());
 }