Ejemplo n.º 1
0
        public virtual async Task <ActionResult> Login(UserLoginModel model)
        {
            var user = await UserCore.GetByEmailAndPasswordAsync(model.Email, model.Password).ConfigureAwait(false);

            if (user == null)
            {
                return(RedirectToAction(MVC.Account.Actions.Login()));
            }

            var token = await AuthTokenCore.CreateAsync(new AuthToken { UserId = user.Id }).ConfigureAwait(false);

            HttpContext.Request.Cookies.Clear(); // clear all cookies, to start a fresh session

            var tkt = new FormsAuthenticationTicket(1, model.Email, DateTime.Now,
                                                    DateTime.Now.AddMinutes(999), false, $"{token.Id}#{Guid.NewGuid()}#{token.Id}", FormsAuthentication.FormsCookiePath);

            var cookiestr = FormsAuthentication.Encrypt(tkt);
            var ck        = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr)
            {
                Expires = tkt.Expiration,
                Path    = FormsAuthentication.FormsCookiePath
            };

            Response.Cookies.Add(ck);

            return(RedirectToAction(MVC.Home.Actions.Index()));
        }
        private static void SetCustomPrincipal(AuthorizationContext filterContext, Guid validationToken)
        {
            if (validationToken == Guid.Empty)
            {
                SignOutAndSetStatusCode(filterContext);
                return;
            }

            var authToken = Task.Run(async() => await AuthTokenCore.GetAsync(validationToken).ConfigureAwait(false)).GetAwaiter().GetResult();

            if (authToken == null)
            {
                SignOutAndSetStatusCode(filterContext);
                return;
            }

            var user = Task.Run(async() => await UserCore.GetAsync(authToken.UserId).ConfigureAwait(false)).GetAwaiter().GetResult();

            if (user == null)
            {
                SignOutAndSetStatusCode(filterContext);
                return;
            }

            var identity = new CustomIdentity(user);

            var newUser = new CustomPrincipal(identity);

            //set the custom principal
            filterContext.HttpContext.User = newUser;
        }