public async Task ResolveUserAsync()
{
if (!Manager.HaveCurrentRequest)
{
throw new InternalError("No httpRequest");
}
// check whether we have a logged on user
#if MVC6
if (SiteDefinition.INITIAL_INSTALL || !Manager.CurrentContext.User.Identity.IsAuthenticated)
#else
if (SiteDefinition.INITIAL_INSTALL || !Manager.CurrentRequest.IsAuthenticated)
#endif
{
return;// no user logged in
}
// get user info and save in Manager
string userName = Manager.CurrentContext.User.Identity.Name;
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
if (!await userDP.IsInstalledAsync())
{
Logging.AddErrorLog("UserDefinitionDataProvider not installed");
return;
}
UserDefinition user = await userDP.GetItemAsync(userName);
if (user == null)
{
Logging.AddErrorLog("Authenticated user {0} doesn't exist", userName);
#if DEBUG
//throw new InternalError("Authenticated user doesn't exist");
#endif
return;
}
// Check whether user needs to set up two-step authentication
// External login providers don't require local two-step authentication (should be offered by external login provider)
// If any of the user's roles require two-step authentication and the user has not enabled two-step authentication providers,
// set marker so we can redirect the user
if (Manager.Need2FAState == null)
{
Manager.Need2FAState = false;
using (UserLoginInfoDataProvider logInfoDP = new UserLoginInfoDataProvider()) {
if (!await logInfoDP.IsExternalUserAsync(user.UserId))
{
// not an external login, so check if we need two-step auth
LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync();
if (config.TwoStepAuth != null && user.RolesList != null)
{
foreach (Role role in config.TwoStepAuth)
{
if (role.RoleId == Resource.ResourceAccess.GetUserRoleId() || user.RolesList.Contains(new Role {
RoleId = role.RoleId
}, new RoleComparer()))
{
if ((await user.GetEnabledAndAvailableTwoStepAuthenticationsAsync()).Count == 0)
{
Manager.Need2FAState = true;
}
break;
}
}
}
}
}
}
// Check whether the user needs to change the password
Manager.NeedNewPassword = user.NeedsNewPassword;
// user good to go
Manager.UserName = user.UserName;
Manager.UserEmail = user.Email;
Manager.UserId = user.UserId;
Manager.UserObject = user;
await UserSettings.UserSettingsAccess.ResolveUserAsync();
Manager.UserRoles = (from l in user.RolesList select l.RoleId).ToList();
int superuserRole = Resource.ResourceAccess.GetSuperuserRoleId();
if (user.RolesList.Contains(new Role {
RoleId = superuserRole
}, new RoleComparer()))
{
Manager.SetSuperUserRole(true);
}
}
}