Beispiel #1
0
        public static void SetAuthCookie(ILoginUser user)
        {
            Initialize();

            if (!HttpContext.Current.Request.IsSecureConnection && RequireSSL)
            {
                throw new HttpException("Connection_not_secure_creating_secure_cookie");
            }

            bool fromCookie = false;

            ILibAuthenticationTicket ticket = LibAuthentication.ExtractTicketFromCookie(ref fromCookie);

            if (ticket == null)
            {
                ticket = LibAuthentication.CreateTicket(user);
            }
            HttpCookie cookie = LibAuthentication.PrepareCookie(ticket, false);

            if (fromCookie)
            {
                HttpContext.Current.Response.Cookies.Remove(cookie.Name);

                HttpContext.Current.Response.Cookies.Add(cookie);
            }
            else
            {
                HttpContext.Current.Response.Cookies.Add(cookie);
            }
        }
Beispiel #2
0
        public static HttpCookie PrepareCookie(ILibAuthenticationTicket ticket, bool fromCookie)
        {
            HttpCookie cookie = null;

            if (fromCookie && !LibAuthentication.CookiePath.Equals("/"))
            {
                cookie = HttpContext.Current.Request.Cookies[LibAuthentication.CookieName];
                if (cookie != null)
                {
                    cookie.Path = LibAuthentication.CookiePath;
                }
            }

            if (cookie == null)
            {
                cookie      = new HttpCookie(LibAuthentication.CookieName);
                cookie.Path = LibAuthentication.CookiePath;
            }
            if (ticket.IsPersistent)
            {
                cookie.Expires = ticket.LoginTimeout;
            }
            cookie.Value    = LibAuthentication.Encrypt(ticket);
            cookie.Secure   = LibAuthentication.RequireSSL;
            cookie.HttpOnly = true;

            if (LibAuthentication.CookieDomain != null)
            {
                cookie.Domain = LibAuthentication.CookieDomain;
            }

            return(cookie);
        }
        protected virtual void Authenticate(LibAuthenticationEventArgs e)
        {
            if (this.OnAuthenticate != null)
            {
                this.OnAuthenticate(this, e);
            }

            if (e.Context.User == null)
            {
                if (e.User != null)
                {
                    e.Context.User = e.User;
                }
                else
                {
                    bool fromCookie = true;
                    ILibAuthenticationTicket ticket = LibAuthentication.ExtractTicketFromCookie(ref fromCookie);
                    if (ticket == null)
                    {
                        LibAuthentication.RedirectLogin(e.Context);
                        return;
                    }
                    else
                    {
                        LibAuthentication.PrepareTicket(ticket);
                        e.Context.User = new LibPrincipal(new LibIdentity(ticket));
                        HttpCookie cookie = LibAuthentication.PrepareCookie(ticket, fromCookie);

                        e.Context.Response.Cookies.Remove(cookie.Name);
                        e.Context.Response.Cookies.Add(cookie);
                    }
                }
            }
        }
 public void Init(HttpApplication context)
 {
     if (LibAuthentication.AuthRequired)
     {
         LibAuthentication.Initialize();
         context.AuthenticateRequest += new EventHandler(context_AuthenticateRequest);
         context.EndRequest          += new EventHandler(context_EndRequest);
     }
 }
Beispiel #5
0
        public static ILibAuthenticationTicket PrepareTicket(ILibAuthenticationTicket ticket)
        {
            if (ticket != null && !ticket.Expired)
            {
                if (LibAuthentication.SlidingExpiration)
                {
                    LibAuthentication.RenewTicket(ticket);
                }
            }

            return(ticket);
        }
Beispiel #6
0
        public static ILibAuthenticationTicket ExtractTicketFromCookie(ref bool fromCookie)
        {
            ILibAuthenticationTicket ticket = null;

            if (fromCookie)
            {
                HttpCookie cookie = HttpContext.Current.Request.Cookies[LibAuthentication.CookieName];
                if (cookie != null)
                {
                    ticket     = LibAuthentication.Decrypt(cookie.Value);
                    fromCookie = true;
                }
                else
                {
                    fromCookie = false;
                }
            }

            return(ticket);
        }