Ejemplo n.º 1
0
        public void CreateSession(int recordID, CookieAuthTypes userType)
        {
            AuthSession session = new AuthSession
            {
                IPAddress   = HttpContext.Current.Request.GetUserIPAddress(),
                Created     = UKTime.Now,
                SessionCode = Guid.NewGuid().ToString(),
                CookieID    = CookieID
            };

            if (userType == CookieAuthTypes.Admin)
            {
                session.AdminID = recordID;
            }
            else if (userType == CookieAuthTypes.User)
            {
                session.UserID = recordID;
            }


            db.AuthSessions.Add(session);
            db.SaveChanges();

            HttpCookie cookie = new HttpCookie(CookieID);

            cookie.Expires            = DateTime.UtcNow.Add(TimeSpan.FromHours(48.0));
            cookie.Values["authcode"] = session.SessionCode;
            cookie.HttpOnly           = true;
            HttpContext.Current.Response.Cookies.Add(cookie);
        }
Ejemplo n.º 2
0
        public void CreateSession(int recordID, CookieAuthTypes userType)
        {
            AuthSession session = new AuthSession
            {
                IPAddress   = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"],
                Created     = DateTime.UtcNow,
                SessionCode = Guid.NewGuid().ToString(),
                CookieID    = CookieID
            };

            if (userType == CookieAuthTypes.Admin)
            {
                session.AdminID = recordID;
            }
            if (userType == CookieAuthTypes.User)
            {
                session.UserID = recordID;
            }

            db.AuthSessions.InsertOnSubmit(session);
            db.SubmitChanges();

            HttpCookie cookie = new HttpCookie(CookieID);

            cookie.Expires            = DateTime.UtcNow.Add(TimeSpan.FromHours(48.0));
            cookie.Values["authcode"] = session.SessionCode;

            HttpContext.Current.Response.Cookies.Add(cookie);
        }
Ejemplo n.º 3
0
        public int GetRecordID(CookieAuthTypes userType)
        {
            int recordID = -1; // start at -1. if the user table is cleared and re-seeded it may start at 0

            HttpCookie cookie = GetCookie();

            if (cookie != null)
            {
                try
                {
                    if (!String.IsNullOrEmpty(cookie.Values["authcode"]))
                    {
                        string      sessionCode = cookie.Values["authcode"].ToString();
                        string      ip          = HttpContext.Current.Request.GetUserIPAddress();
                        AuthSession authSession = db.AuthSessions.SingleOrDefault(p => p.SessionCode == sessionCode && p.CookieID == CookieID &&
                                                                                  p.IPAddress == ip);

                        if (authSession != null)
                        {
                            if (userType == CookieAuthTypes.Admin && authSession.AdminID.HasValue)
                            {
                                recordID = authSession.AdminID.Value;
                            }
                            if (userType == CookieAuthTypes.User && authSession.UserID.HasValue)
                            {
                                recordID = authSession.UserID.Value;
                            }
                        }
                    }
                }
                catch (InvalidCastException)
                {
                    //Sometimes the auth session lookup can throw a cast exception, suck it up and remove the cookie data
                    Logout();
                }
            }

            return(recordID);
        }