public static IAuthSession GetSession(this IHttpRequest httpReq, bool reload = false)
        {
            if (httpReq == null) return null;

            object oSession = null;
            if (!reload)
                httpReq.Items.TryGetValue(RequestItemsSessionKey, out oSession);

            if (oSession != null)
                return (IAuthSession)oSession;

            using (var cache = httpReq.GetCacheClient())
            {
                var sessionId = httpReq.GetSessionId();
                var session = cache.Get<IAuthSession>(SessionFeature.GetSessionKey(sessionId));
                if (session == null)
                {
                    session = AuthService.CurrentSessionFactory();
                    session.Id = sessionId;
                    session.CreatedAt = session.LastModified = DateTime.UtcNow;
                    session.OnCreated(httpReq);
                }
                httpReq.Items.Add(RequestItemsSessionKey, session);
                return session;
            }
        }
        public static IAuthSession GetSession(this ICacheClient cache, string sessionId)
        {
            var session = cache.Get <IAuthSession>(SessionFeature.GetSessionKey(sessionId));

            if (session == null)
            {
                session           = AuthService.CurrentSessionFactory();
                session.Id        = sessionId;
                session.CreatedAt = session.LastModified = DateTime.UtcNow;
            }
            return(session);
        }
        public static void RemoveSession(this IHttpRequest httpReq)
        {
            if (httpReq == null) return;

            using (var cache = httpReq.GetCacheClient())
            {
                var sessionKey = SessionFeature.GetSessionKey(httpReq.GetSessionId());
                cache.Remove(sessionKey);
            }

            httpReq.Items.Remove(RequestItemsSessionKey);
        }
        public static void SaveSession(this IHttpRequest httpReq, IAuthSession session, TimeSpan? expiresIn = null)
        {
            if (httpReq == null) return;

            using (var cache = httpReq.GetCacheClient())
            {
                var sessionKey = SessionFeature.GetSessionKey(httpReq.GetSessionId());
                cache.CacheSet(sessionKey, session, expiresIn ?? AuthFeature.GetDefaultSessionExpiry());
            }

            httpReq.Items[RequestItemsSessionKey] = session;
        }
Beispiel #5
0
        public static TUserSession SessionAs <TUserSession>(this ICacheClient cache)
        {
            if (SessionKey != null)
            {
                return(cache.Get <TUserSession>(SessionKey));
            }

            SessionFeature.CreateSessionIds();
            var unAuthorizedSession = typeof(TUserSession).CreateInstance();

            return((TUserSession)unAuthorizedSession);
        }
        //Also shared by RequiredRoleAttribute and RequiredPermissionAttribute
        public static void AuthenticateIfBasicAuth(IHttpRequest req, IHttpResponse res)
        {
            //Need to run SessionFeature filter since its not executed before this attribute (Priority -100)
            SessionFeature.AddSessionIdToRequestFilter(req, res, null); //Required to get req.GetSessionId()

            var userPass = req.GetBasicAuthUserAndPassword();

            if (userPass != null)
            {
                var authService = req.TryResolve <AuthService>();
                authService.RequestContext = new HttpRequestContext(req, res, null);
                var response = authService.Post(new Auth.Auth {
                    provider = BasicAuthProvider.Name,
                    UserName = userPass.Value.Key,
                    Password = userPass.Value.Value
                });
            }
        }
Beispiel #7
0
        protected TUserSession SessionAs <TUserSession>()
        {
            if (userSession != null)
            {
                return((TUserSession)userSession);
            }
            if (SessionKey != null)
            {
                userSession = this.GetAppHost().GetCacheClient().Get <TUserSession>(SessionKey);
            }
            else
            {
                SessionFeature.CreateSessionIds();
            }
            var unAuthorizedSession = typeof(TUserSession).CreateInstance();

            return((TUserSession)(userSession ?? (userSession = unAuthorizedSession)));
        }
Beispiel #8
0
        protected virtual TUserSession SessionAs <TUserSession>()
        {
            if (userSession != null)
            {
                return((TUserSession)userSession);
            }
            if (SessionKey != null)
            {
                userSession = Cache.Get <TUserSession>(SessionKey);
            }
            else
            {
                SessionFeature.CreateSessionIds();
            }
            var unAuthorizedSession = typeof(TUserSession).CreateInstance();

            return((TUserSession)(userSession ?? (userSession = unAuthorizedSession)));
        }
        public static TUserSession SessionAs <TUserSession>(this ICacheClient cache,
                                                            IHttpRequest httpReq = null, IHttpResponse httpRes = null)
        {
            var sessionKey = GetSessionKey(httpReq);

            if (sessionKey != null)
            {
                var userSession = cache.Get <TUserSession>(sessionKey);
                if (!Equals(userSession, default(TUserSession)))
                {
                    return(userSession);
                }
            }

            if (sessionKey == null)
            {
                SessionFeature.CreateSessionIds(httpReq, httpRes);
            }

            var unAuthorizedSession = (TUserSession)typeof(TUserSession).CreateInstance();

            return(unAuthorizedSession);
        }
        public static void AuthenticateIfDigestAuth(IHttpRequest req, IHttpResponse res)
        {
            //Need to run SessionFeature filter since its not executed before this attribute (Priority -100)
            SessionFeature.AddSessionIdToRequestFilter(req, res, null); //Required to get req.GetSessionId()

            var digestAuth = req.GetDigestAuth();

            if (digestAuth != null)
            {
                var authService = req.TryResolve <AuthService>();
                authService.RequestContext = new HttpRequestContext(req, res, null);
                var response = authService.Post(new Auth.Auth
                {
                    provider = DigestAuthProvider.Name,
                    nonce    = digestAuth["nonce"],
                    uri      = digestAuth["uri"],
                    response = digestAuth["response"],
                    qop      = digestAuth["qop"],
                    nc       = digestAuth["nc"],
                    cnonce   = digestAuth["cnonce"],
                    UserName = digestAuth["username"]
                });
            }
        }
        public static string GetSessionKey(IHttpRequest httpReq = null)
        {
            var sessionId = SessionFeature.GetSessionId(httpReq);

            return(sessionId == null ? null : SessionFeature.GetSessionKey(sessionId));
        }