Beispiel #1
0
        public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return(View(model));
            }
            var user = await UserManager.FindAsync(model.UserName, model.Password);

            if (user != null)
            {
                //store user domain session
                var cont        = new ApplicationDbContext();
                var currentUser = (from u in cont.Users
                                   where u.UserName.Equals(model.UserName)
                                   select u).First();

                var icont = (IIotContextBase)System.Web.HttpContext.Current.Session["iotcontext"];
                if (icont == null)
                {
                    icont = UserIotContextFactory.GetContextForUser(currentUser);
                    System.Web.HttpContext.Current.Session["iotcontext"] = icont;
                }

                var domain = icont.Domains.First(dm => dm.Id == currentUser.DomainId);        //dm.DomainName.Equals(currentUser.domainId)
                if (domain != null)
                {
                    Session["AppDomain"] = domain.DomainName;
                    await SignInAsync(user, model.RememberMe);

                    string userDomain = domain.DomainName;
                    if ((userDomain != null) && !userDomain.Equals(String.Empty))
                    {
                        return(RedirectToAction("Index", "Dashboard", new { app = userDomain }));
                    }
                    //return RedirectToLocal(returnUrl);
                }
                else
                {
                    ModelState.AddModelError("", "Invalid domain.");
                }
            }
            else
            {
                ModelState.AddModelError("", "Invalid username or password.");
            }

            // If we got this far, something failed, redisplay form
            return(View(model));
        }
Beispiel #2
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (!_authorize)
            {
                return(true);
            }

            try
            {
                bool basicAuthed = base.AuthorizeCore(httpContext);
                if (basicAuthed)
                {
                    //check domain access
                    string url           = httpContext.Request.RawUrl;
                    var    urlcomponents = url.Split('/');
                    string appdomain     = urlcomponents[1]; //first component after slash
                    if (appdomain != null)
                    {
                        string username           = httpContext.User.Identity.Name;
                        ApplicationDbContext cont = new ApplicationDbContext();
                        var user = (from u in cont.Users
                                    where u.UserName == username
                                    select u).First();

                        var icont = (IIotContextBase)System.Web.HttpContext.Current.Session["iotcontext"];
                        if (icont == null)
                        {
                            icont = UserIotContextFactory.GetContextForUser(user);
                            System.Web.HttpContext.Current.Session["iotcontext"] = icont;
                        }

                        iotDomain domain = icont.Domains.First(dm => dm.DomainName.Equals(appdomain));
                        if (domain != null)
                        {
                            if (domain.DomainName.Equals(appdomain))
                            {
                                return(true);    //user allowed to access domain
                            }
                        }
                    }
                }
            }
            catch (Exception e)
            {
                return(false);
            }
            return(false);
        }