public static void SessionExecute()
{
string authorizationUrl = "/User/Login";
string registerUrl = "/User/Register";
string forgotPassUrl = "/User/ForgotPassword";
string commisionUrl = "/Commission/All";
string adminUrl = "/evarlik-admin";
var request = HttpContext.Current.Request;
// authorization url control
var url = request.Path.ToLower(new CultureInfo("en-US", false));
url = url[url.Length - 1] == '/' ? url.Remove(url.Length - 1) : url;
if (!string.IsNullOrEmpty(authorizationUrl))
{
if (url.EndsWith(authorizationUrl.ToLower()))
{
return;
}
}
if (url.EndsWith(registerUrl.ToLower()) ||
url.EndsWith(forgotPassUrl.ToLower()) ||
url.EndsWith(commisionUrl.ToLower()) ||
url.StartsWith(adminUrl.ToLower()))
{
return;
}
if (url.Contains("signalr"))
{
return;
}
var authorizationHeader = request.Headers["Authorization"];
if (string.IsNullOrEmpty(authorizationHeader))
{
RedirectVarlikResult.RedirectWithData(new VarlikResult()
{
Status = ResultStatus.Unauthorized,
Message = "Jwt Token Does Not Exist in Authorization Header"
});
return;
}
var authorizationHeaderSplitted = authorizationHeader.Split(' ');
if (authorizationHeaderSplitted.Length < 2)
{
RedirectVarlikResult.RedirectWithData(new VarlikResult()
{
Status = ResultStatus.Unauthorized,
Message = "Most Probably Authentication Type Is Not Set"
});
return;
}
var token = authorizationHeaderSplitted[1];
DinazorPrincipal.AuthenticateUser(token);
var dinazorPrincipal = (DinazorPrincipal)HttpContext.Current.User;
if (dinazorPrincipal == null || !dinazorPrincipal.Identity.IsAuthenticated)
{
RedirectVarlikResult.RedirectWithData(new VarlikResult()
{
Status = ResultStatus.SessionNotValid,
Message = $"Incorrect Token : {token}"
});
}
}
public async Task <DinazorResult <TokenUser> > Login(BaseTokenUser user)
{
if (user == null)
{
var res = new DinazorResult <TokenUser>();
res.Status = ResultStatus.NoSuchObject;
return(res);
}
//firstly check the user whether alredy logged in or not
var alreadyLoggedInResult = IsUserAlreadyLoggedIn(user.Username, user.Password);
if (!alreadyLoggedInResult.IsSuccess)
{
return(new DinazorResult <TokenUser>());
}
if (alreadyLoggedInResult.Data)
{
_log.Info("user is already logged in");
//user already logged in. get the user
return(GetUserByUsername(user.Username));
}
// LICENCE CONTROL
/* bool anyCommunicationProblem = false;
* DinazorRestClient dinazorRestClient = new DinazorRestClient();
* DinazorResult<List<OrganizationLicenceDto>> licenceResult = new DinazorResult<List<OrganizationLicenceDto>>();
* try
* {
* licenceResult = await dinazorRestClient.Post(user.Client);
* }
* catch (Exception e)
* {
* _log.Error("licence manager communication problem",e);
* anyCommunicationProblem = true;
* licenceResult.Success();
* }
*
* if (!licenceResult.IsSuccess)
* {
* var licenceErrorResult = new DinazorResult<TokenUser> { Status = licenceResult.Status };
* return licenceErrorResult;
* }
*
* //validate the licence
* if (!anyCommunicationProblem && licenceResult.Data.Count <= 0)
* {
* var noLicenceResult = new DinazorResult<TokenUser> { Status = ResultStatus.NoLicence };
* return noLicenceResult;
* }*/
if (true)
{
// try to login
var result = await _authorizationOperation.Login(user);
if (result.IsSuccess)
{
//generate the token
var token = TokenGenerator.GenerateUniqueId();
//control the token if it already exists
while (_tokenStorer.IsTokenExists(token).Status == ResultStatus.Success)
{
token = TokenGenerator.GenerateUniqueId();
}
var tokenUser = result.Data;
tokenUser.Token = token;
//set the licence information
tokenUser.Client = user.Client;
tokenUser.IsLicenceValidated = true;
// tokenUser.OrganizationLicence = licenceResult.Data;
// get the roles according to licenced modules
var userManager = IocManager.Instance.Resolve <IUserManager>();
var roleListResult = await userManager.GetUserByIdWithRoles(tokenUser.Id);
if (roleListResult.IsSuccess)
{
tokenUser.RoleList = roleListResult.Data;
}
else
{
_log.Error("error while getting the role list");
}
//store the user
_tokenStorer.StoreTheToken(token, tokenUser);
DinazorPrincipal.AuthenticateUser(token);
LoginSubscriber.Broadcast(tokenUser);
result.Data = tokenUser;
return(result);
}
return(result);
}
/* else if (anyCommunicationProblem)
* {
*
* }*/
return(null);
}
public static void SessionExecute()
{
string authorizationUrl = "";
var configurationManager = IocManager.Instance.Resolve <IConfigurationManager>();
var authorizationUrlResult = configurationManager.GetValue("AuthorizationUrl");
if (authorizationUrlResult != null && authorizationUrlResult.Count > 0)
{
authorizationUrl = authorizationUrlResult[0];
if (!string.IsNullOrEmpty(authorizationUrl))
{
authorizationUrl = authorizationUrl.ToLower();
}
}
else
{
Log.Error("No Authorization Url Found In DB");
}
var request = HttpContext.Current.Request;
// authorization url control
var url = request.Path.ToLower(new CultureInfo("en-US", false));
url = url[url.Length - 1] == '/' ? url.Remove(url.Length - 1) : url;
if (url.EndsWith(authorizationUrl))
{
return;
}
//Control thr URL if it needs Token or not
var urlNoNeedTokenList = configurationManager.GetValue("UrlNoNeedToken");
if (urlNoNeedTokenList != null && urlNoNeedTokenList.Count > 0)
{
foreach (var item in urlNoNeedTokenList)
{
var reqUrl = item.Split(':')[0].ToLower();
var verb = item.Split(':')[1];
if (url == reqUrl && request.HttpMethod.ToLower() == verb.ToLower())
{
return;
}
}
}
var token = request.QueryString["token"];
if (token == null)
{
RedirectDinazorResult.RedirectWithData(new DinazorResult()
{
Status = ResultStatus.Unauthorized,
Message = "Token information is missing"
});
return;
}
DinazorPrincipal.AuthenticateUser(token);
var dinazorPrincipal = (DinazorPrincipal)HttpContext.Current.User;
if (dinazorPrincipal == null || !dinazorPrincipal.Identity.IsAuthenticated)
{
RedirectDinazorResult.RedirectWithData(new DinazorResult()
{
Status = ResultStatus.SessionNotValid,
Message = $"Token information is wrong. token is {token}"
});
}
}
