Ejemplo n.º 1
        /// <summary>
        /// Authenticates the current mobile API request. On success it calls SetUserInfo for the
        /// user, optionally applies the OrgLeadersOnly restriction, and saves an API session.
        /// </summary>
        /// <param name="role">Role the user must belong to; when null, "Access" is used.</param>
        /// <param name="checkOrgLeadersOnly">When true, runs the OrgLeadersOnly check unless Util2.OrgLeadersOnlyChecked is already set.</param>
        /// <param name="requirePin">Forwarded to GetUserViaSessionToken and to ApiSessionModel.SaveApiSession.</param>
        /// <returns>
        /// An Invalid result (ImproperHeaderStructure) when neither lookup produced a result; the lookup's
        /// own result when it is not valid; the result with Status set to UserNotInRole when the role exists
        /// and the user is not a member; otherwise the valid result.
        /// </returns>
        public static UserValidationResult AuthenticateMobile(string role = null, bool checkOrgLeadersOnly = false, bool requirePin = false)
        {
            // Credentials are tried first; the session token is consulted only when that lookup returns null.
            // NOTE(review): requirePin reaches only the session-token path; a caller resolved by
            // GetUserViaCredentials is not subject to it in this method. Confirm that is intended.
            var validation = GetUserViaCredentials() ?? GetUserViaSessionToken(requirePin);

            if (validation == null)
            {
                return UserValidationResult.Invalid(UserValidationStatus.ImproperHeaderStructure, "Could not authenticate user, Authorization or SessionToken headers likely missing.", null);
            }

            if (!validation.IsValid)
            {
                return validation;
            }

            var account = validation.User;
            var roles = CMSRoleProvider.provider;
            var requiredRole = role ?? "Access";

            // NOTE(review): this gate fails open. When the requested role is not defined in the role
            // provider, the membership test is skipped and any valid user passes, so a misspelled or
            // deleted role name silently removes the authorization check. Confirm this is intended.
            if (roles.RoleExists(requiredRole) && !roles.IsUserInRole(account.Username, requiredRole))
            {
                // NOTE(review): only Status is changed here; whether IsValid reflects it is not visible
                // from this method. Callers should test Status, not just IsValid. TODO confirm.
                validation.Status = UserValidationStatus.UserNotInRole;
                return validation;
            }

            UserName2 = account.Username;
            SetUserInfo(account.Username, HttpContext.Current.Session, deleteSpecialTags: false);

            if (checkOrgLeadersOnly && !Util2.OrgLeadersOnlyChecked)
            {
                DbUtil.LogActivity("iphone leadersonly check " + account.Username);

                // NOTE(review): Util2.OrgLeadersOnly / OrgLeadersOnlyChecked are read as static members;
                // whether they are backed by per-session or process-wide state is not visible here.
                // Confirm one user's flag cannot leak to another.
                var leadersOnlyAlreadySet = Util2.OrgLeadersOnly;
                if (!leadersOnlyAlreadySet && roles.IsUserInRole(account.Username, "OrgLeadersOnly"))
                {
                    Util2.OrgLeadersOnly = true;
                    DbUtil.Db.SetOrgLeadersOnly();
                    DbUtil.LogActivity("SetOrgLeadersOnly");
                }

                Util2.OrgLeadersOnlyChecked = true;
            }

            // NOTE(review): the PIN header is parsed and handed to SaveApiSession; nothing in this method
            // verifies it. Presumably verification happens in GetUserViaSessionToken when requirePin is
            // set. Also confirm ToInt2 tolerates a missing (null) header value.
            var pinHeader = HttpContext.Current.Request.Headers["PIN"];
            ApiSessionModel.SaveApiSession(validation.User, requirePin, pinHeader.ToInt2());

            return validation;
        }
Ejemplo n.º 2
        /// <summary>
        /// Authenticates the current mobile API request against the supplied data contexts. On success
        /// it calls SetUserInfo, optionally applies the OrgLeadersOnly restriction, sets an auth cookie
        /// and saves an API session.
        /// </summary>
        /// <param name="cmsdb">Data context passed to the session-token lookup, SetUserInfo, SetOrgLeadersOnly and SaveApiSession.</param>
        /// <param name="cmsidb">Image data context passed to SetUserInfo.</param>
        /// <param name="checkOrgLeadersOnly">When true, runs the OrgLeadersOnly check unless Util2.OrgLeadersOnlyChecked is already set.</param>
        /// <param name="requirePin">Forwarded to GetUserViaSessionToken and to ApiSessionModel.SaveApiSession.</param>
        /// <returns>
        /// An Invalid result (ImproperHeaderStructure) when neither lookup produced a result; the lookup's
        /// own result when it is not valid; otherwise the valid result.
        /// </returns>
        public static UserValidationResult AuthenticateMobile2(CMSDataContext cmsdb, CMSImageDataContext cmsidb, bool checkOrgLeadersOnly = false, bool requirePin = false)
        {
            // Credentials are tried first; the session token is consulted only when that lookup returns null.
            // NOTE(review): requirePin reaches only the session-token path; a caller resolved by
            // GetUserViaCredentials is not subject to it in this method. Confirm that is intended.
            var validation = GetUserViaCredentials() ?? GetUserViaSessionToken(cmsdb, requirePin);

            if (validation == null)
            {
                return UserValidationResult.Invalid(UserValidationStatus.ImproperHeaderStructure, "Could not authenticate user, Authorization or SessionToken headers likely missing.", null);
            }

            if (!validation.IsValid)
            {
                return validation;
            }

            var account = validation.User;
            var roles = CMSRoleProvider.provider;

            // NOTE(review): no role membership gate is applied in this method (AuthenticateMobile checks
            // a role, "Access" by default). Every user whose result IsValid receives an auth cookie and
            // an API session below; confirm callers enforce authorization themselves.
            UserName2 = account.Username;
            SetUserInfo(cmsdb, cmsidb, account.Username, deleteSpecialTags: false);

            if (checkOrgLeadersOnly && !Util2.OrgLeadersOnlyChecked)
            {
                // NOTE(review): Util2.OrgLeadersOnly / OrgLeadersOnlyChecked are read as static members;
                // whether they are backed by per-session or process-wide state is not visible here.
                // Confirm one user's flag cannot leak to another.
                var leadersOnlyAlreadySet = Util2.OrgLeadersOnly;
                if (!leadersOnlyAlreadySet && roles.IsUserInRole(account.Username, "OrgLeadersOnly"))
                {
                    Util2.OrgLeadersOnly = true;
                    cmsdb.SetOrgLeadersOnly();
                    CmsData.DbUtil.LogActivity("SetOrgLeadersOnly");
                }

                Util2.OrgLeadersOnlyChecked = true;
            }

            // NOTE(review): an auth cookie is issued in response to a header-authenticated API call, so
            // later requests may be accepted on the cookie alone. The second argument is false, which is
            // presumably "not persistent" (TODO confirm). Verify the cookie's HttpOnly/Secure flags and
            // the CSRF exposure of any endpoint that accepts it.
            CMSMembershipProvider.provider.SetAuthCookie(account.Username, false);

            // NOTE(review): the PIN header is parsed and handed to SaveApiSession; nothing in this method
            // verifies it. Presumably verification happens in GetUserViaSessionToken when requirePin is
            // set. Also confirm ToInt2 tolerates a missing (null) header value.
            var pinHeader = HttpContextFactory.Current.Request.Headers["PIN"];
            ApiSessionModel.SaveApiSession(cmsdb, validation.User, requirePin, pinHeader.ToInt2());

            return validation;
        }