/// <summary>
/// Drops the given long term login entry.
/// </summary>
/// <returns>An awaitable task.</returns>
/// <param name="record">Record.</param>
public virtual Task DropLongTermLoginAsync(LongTermToken record)
{
return(ExecuteCommandAsync(
m_dropLongTermLoginCommand,
record.UserID,
record.Series,
record.Token
));
}
/// <summary>
/// Drops the given long term login entry.
/// </summary>
/// <returns>An awaitable task.</returns>
/// <param name="record">The record indentifying the login to drop.</param>
public virtual Task DropLongTermLoginAsync(LongTermToken record)
{
return(m_lock.LockedAsync(() =>
m_connection.Delete <LongTermToken>(x =>
x.UserID == record.UserID &&
x.Series == record.Series &&
x.Token == record.Token
)));
}
/// <summary>
/// Adds a long term login entry
/// </summary>
/// <returns>An awaitable task.</returns>
/// <param name="record">The record to add.</param>
public virtual Task AddOrUpdateLongTermLoginAsync(LongTermToken record)
{
return(ExecuteCommandAsync(
m_addLongTermLoginCommand,
record.Series,
record.UserID,
record.Series,
record.Token,
record.Expires
));
}
/// <summary>
/// Adds a long term login entry
/// </summary>
/// <returns>An awaitable task.</returns>
/// <param name="record">The record to add.</param>
public virtual Task AddOrUpdateLongTermLoginAsync(LongTermToken record)
{
return(m_lock.LockedAsync(() => {
using (var con = new TransactionConnection(m_connection, m_connection.BeginTransaction()))
{
con.Delete <LongTermToken>(x => x.Series == record.Series);
con.InsertItem(record);
con.Commit();
}
}));
}
/// <summary>
/// Gets a value indicating if the session is valid
/// </summary>
/// <returns><c>true</c>, if the session is valid, <c>false</c> otherwise.</returns>
/// <param name="token">The token to validate.</param>
public static bool IsNullOrExpired(this LongTermToken token)
{
return(token == null || token.Expires < DateTime.Now);
}
/// <summary>
/// Performs all steps required to do a login
/// </summary>
/// <returns>An awaitable task.</returns>
/// <param name="context">The http context.</param>
/// <param name="userid">The user ID.</param>
/// <param name="series">The long-term series</param>
/// <param name="withlongterm">A value indicating if a long-term session should be created</param>
protected virtual async Task PerformLoginAsync(IHttpContext context, string userid, string series, bool withlongterm)
{
var session = new SessionRecord();
// Re-use the XSRF if possible
if (UseXSRFTokens)
{
var xsrf = context.Request.Headers[XSRFHeaderName];
if (!string.IsNullOrWhiteSpace(xsrf))
{
var prev = await ShortTermStorage.GetSessionFromXSRFAsync(xsrf);
if (!Utility.IsNullOrExpired(prev) && prev.UserID == userid && !string.IsNullOrWhiteSpace(userid))
{
session = prev;
}
}
}
session.UserID = userid;
session.Expires = DateTime.Now.AddSeconds(ShortTermExpirationSeconds);
// If the connection is using SSL, require SSL for the cookie
var usingssl = context.Request.SslProtocol != System.Security.Authentication.SslProtocols.None;
if (UseXSRFTokens)
{
session.XSRFToken = session.XSRFToken ?? PRNG.GetRandomString(32);
context.Response.AddCookie(XSRFCookieName, session.XSRFToken, expires: session.Expires, httponly: false, path: CookiePath, secure: usingssl);
}
if (UseLongTermCookieStorage && LongTermStorage != null && (!string.IsNullOrWhiteSpace(series) || withlongterm))
{
var cookie = new LongTermCookie();
if (!string.IsNullOrWhiteSpace(series))
{
cookie.Series = series;
}
var st = new LongTermToken()
{
UserID = userid,
Expires = DateTime.Now.AddSeconds(LongTermDurationSeconds),
Series = cookie.Series,
Token = PBKDF2.CreatePBKDF2(cookie.Token)
};
await LongTermStorage.AddOrUpdateLongTermLoginAsync(st);
context.Response.AddCookie(AuthCookieName, cookie.ToString(), expires: st.Expires, httponly: true, path: CookiePath, secure: usingssl);
}
session.Cookie = PRNG.GetRandomString(32);
context.Response.AddCookie(AuthSessionCookieName, session.Cookie, expires: session.Expires, httponly: true, path: CookiePath, secure: usingssl);
await ShortTermStorage.AddSessionAsync(session);
SetLoginSuccess(context);
context.Request.UserID = userid;
}
/// <summary>
/// Performs all steps required to do a login
/// </summary>
/// <returns>An awaitable task.</returns>
/// <param name="context">The http context.</param>
/// <param name="userid">The user ID.</param>
/// <param name="series">The long-term series</param>
/// <param name="withlongterm">A value indicating if a long-term session should be created</param>
protected virtual async Task PerformLoginAsync(IHttpContext context, string userid, string series, bool withlongterm)
{
var session = new SessionRecord();
// Re-use the XSRF if possible
if (UseXSRFTokens)
{
var xsrf = context.Request.Headers[XSRFHeaderName];
if (!string.IsNullOrWhiteSpace(xsrf))
{
var prev = await ShortTermStorage.GetSessionFromXSRFAsync(xsrf);
if (prev != null)
{
// Remove the previous entry to avoid conflicts
await ShortTermStorage.DropSessionAsync(prev);
// Re-use the XSRF token
session.XSRFToken = prev.XSRFToken;
}
}
}
session.UserID = userid;
session.Expires = DateTime.Now.AddSeconds(ShortTermExpirationSeconds);
// If the connection is using SSL, require SSL for the cookie
var usingssl = context.Request.SslProtocol != System.Security.Authentication.SslProtocols.None;
if (UseXSRFTokens)
{
session.XSRFToken = session.XSRFToken ?? PRNG.GetRandomString(32);
context.Response.AddCookie(XSRFCookieName, session.XSRFToken, expires: session.Expires, httponly: false, path: CookiePath, secure: usingssl);
}
if (UseLongTermCookieStorage && LongTermStorage != null && (!string.IsNullOrWhiteSpace(series) || withlongterm))
{
var cookie = new LongTermCookie();
if (!string.IsNullOrWhiteSpace(series))
{
cookie.Series = series;
}
var st = new LongTermToken()
{
UserID = userid,
Expires = DateTime.Now.AddSeconds(LongTermDurationSeconds),
Series = cookie.Series,
Token = PBKDF2.CreatePBKDF2(cookie.Token)
};
await LongTermStorage.AddOrUpdateLongTermLoginAsync(st);
context.Response.AddCookie(AuthCookieName, cookie.ToString(), expires: st.Expires, httponly: true, path: CookiePath, secure: usingssl);
}
session.Cookie = PRNG.GetRandomString(32);
context.Response.AddCookie(AuthSessionCookieName, session.Cookie, expires: session.Expires, httponly: true, path: CookiePath, secure: usingssl);
if (ShortTermStorage == null)
{
Console.WriteLine("Missing short term storage module, make sure you load Ceen.Security.Login.DatabaseStorageModule or manually set a storage module");
}
await ShortTermStorage.AddSessionAsync(session);
SetLoginSuccess(context);
context.Request.UserID = userid;
}
