Ejemplo n.º 1
0
        protected void LoginControll_LoggedIn(object sender, EventArgs e)
        {
            var targetUrl = GetPostLoginUrl();
            var userName  = ((Login)sender).UserName;

            if (this._ssoEnabled)
            {
                this.GetCookie().Value = CryptoApi.Crypt(userName, "sensenet60beta1", "SenseNetContentRepository");
            }

            if (OnUserLoggedIn != null)
            {
                OnUserLoggedIn(sender, e);
            }

            SnLog.WriteAudit(AuditEvent.LoginSuccessful,
                             new Dictionary <string, object>
            {
                { "UserName", userName },
                { "ClientAddress", RepositoryTools.GetClientIpAddress() }
            });

            LoginExtender.OnLoggedIn(new LoginInfo {
                UserName = userName
            });

            HttpContext.Current.Response.Redirect(targetUrl);
        }
Ejemplo n.º 2
0
        public override string EvaluateTemplate(string templateName, string templateExpression, object templatingContext)
        {
            switch (templateName)
            {
            case "currentdate":
                return(DateTime.Today.ToShortDateString());

            case "currenttime":
                return(EvaluateExpression(DateTime.UtcNow, templateExpression, templatingContext));

            case "currentuser":
                return(EvaluateExpression(User.Current as GenericContent, templateExpression, templatingContext));

            case "fullname":
                return(TemplateManager.GetProperty(User.Current as GenericContent, "FullName"));

            case "email":
                return(TemplateManager.GetProperty(User.Current as GenericContent, "Email"));

            case "ipaddress":
                return(RepositoryTools.GetClientIpAddress());

            default:
                return(base.EvaluateTemplate(templateName, templateExpression, templatingContext));
            }
        }
Ejemplo n.º 3
0
        /// <summary>
        /// Logs out the current user.
        /// </summary>
        /// <param name="ultimateLogout">Whether this should be an ultimate logout. If set to True, the user will be logged out from all clients.</param>
        public static void Logout(bool ultimateLogout = false)
        {
            var user = User.Current;
            var info = new CancellableLoginInfo {
                UserName = user.Username
            };

            LoginExtender.OnLoggingOut(info);

            if (info.Cancel)
            {
                return;
            }

            FormsAuthentication.SignOut();

            AccessTokenVault.DeleteTokensByUser(user.Id);

            SnLog.WriteAudit(AuditEvent.Logout,
                             new Dictionary <string, object>
            {
                { "UserName", user.Username },
                { "ClientAddress", RepositoryTools.GetClientIpAddress() }
            });

            LoginExtender.OnLoggedOut(new LoginInfo {
                UserName = user.Username
            });

            if (HttpContext.Current != null)
            {
                if (HttpContext.Current.Session != null)
                {
                    HttpContext.Current.Session.Abandon();
                }

                // remove session cookie
                var sessionCookie = new HttpCookie(GetSessionIdCookieName(), string.Empty)
                {
                    Expires = DateTime.UtcNow.AddDays(-1)
                };

                HttpContext.Current.Response.Cookies.Add(sessionCookie);

                // in case of ultimate logout saves the time on user
                if (ultimateLogout || Configuration.Security.DefaultUltimateLogout)
                {
                    using (new SystemAccount())
                    {
                        if (user is User userNode)
                        {
                            userNode.LastLoggedOut = DateTime.UtcNow;
                            userNode.Save(SavingMode.KeepVersion);
                        }
                    }
                }
            }
        }
Ejemplo n.º 4
0
 protected void LoginStatus_LoggedOut(object sender, EventArgs e)
 {
     SnLog.WriteAudit(AuditEvent.Logout,
                      new Dictionary <string, object>
     {
         { "UserName", User.Current.Username },
         { "ClientAddress", RepositoryTools.GetClientIpAddress() }
     });
     if (OnUserLoggedOut != null)
     {
         OnUserLoggedOut(sender, e);
     }
     LoginExtender.OnLoggedOut(new LoginInfo {
         UserName = User.Current.Username
     });
 }
Ejemplo n.º 5
0
        public static void Logout()
        {
            var info = new CancellableLoginInfo {
                UserName = User.Current.Username
            };

            LoginExtender.OnLoggingOut(info);

            if (info.Cancel)
            {
                return;
            }

            FormsAuthentication.SignOut();

            SnLog.WriteAudit(AuditEvent.Logout,
                             new Dictionary <string, object>
            {
                { "UserName", User.Current.Username },
                { "ClientAddress", RepositoryTools.GetClientIpAddress() }
            });

            LoginExtender.OnLoggedOut(new LoginInfo {
                UserName = User.Current.Username
            });

            if (HttpContext.Current != null)
            {
                if (HttpContext.Current.Session != null)
                {
                    HttpContext.Current.Session.Abandon();
                }

                // remove session cookie
                var sessionCookie = new HttpCookie(GetSessionIdCookieName(), string.Empty)
                {
                    Expires = DateTime.UtcNow.AddDays(-1)
                };

                HttpContext.Current.Response.Cookies.Add(sessionCookie);
            }
        }
Ejemplo n.º 6
0
        protected void Login_LoginError(object sender, EventArgs e)
        {
            var login = sender as Login;

            var    userNameControl = this.FindControlRecursive("UserName");
            var    userNameTextBox = userNameControl as TextBox;
            string userName        = null;

            if (userNameTextBox != null)
            {
                userName = userNameTextBox.Text;
                if (!userName.Contains("\\"))
                {
                    // add default domain for logging reasons
                    var domain = (string.IsNullOrEmpty(this.DefaultDomain)
                        ? IdentityManagement.DefaultDomain
                        : this.DefaultDomain)
                                 ?? string.Empty;

                    userName = string.Concat(domain, "\\", userName);
                }

                SnLog.WriteAudit(AuditEvent.LoginUnsuccessful,
                                 new Dictionary <string, object>
                {
                    { "UserName", userName },
                    { "ClientAddress", RepositoryTools.GetClientIpAddress() }
                });
            }

            var info = new LoginInfo {
                UserName = userName, Message = login.FailureText
            };

            LoginExtender.OnLoginError(info);
            _message = info.Message;
        }
Ejemplo n.º 7
0
        public static object Login(Content content, string username, string password)
        {
            if (string.IsNullOrEmpty(username))
            {
                Logout();
                throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
            }

            if (Membership.ValidateUser(username, password))
            {
                // we need to work with the full username that contains the domain: SetAuthCookie expects that
                if (!username.Contains("\\"))
                {
                    username = IdentityManagement.DefaultDomain + "\\" + username;
                }

                if (User.Current.IsAuthenticated)
                {
                    // if this is the user that is already logged in, return with a success code
                    if (string.CompareOrdinal(User.Current.Username, username) == 0)
                    {
                        using (new SystemAccount())
                        {
                            FormsAuthentication.SetAuthCookie(username, true);
                            return(Content.Create(User.Load(username) as User));
                        }
                    }

                    // logged in as a different user: we have to log out first
                    Logout();
                }

                var info = new CancellableLoginInfo {
                    UserName = username
                };
                LoginExtender.OnLoggingIn(info);
                if (info.Cancel)
                {
                    throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
                }

                SnLog.WriteAudit(AuditEvent.LoginSuccessful, new Dictionary <string, object>
                {
                    { "UserName", username },
                    { "ClientAddress", RepositoryTools.GetClientIpAddress() }
                });

                LoginExtender.OnLoggedIn(new LoginInfo {
                    UserName = username
                });


                using (new SystemAccount())
                {
                    FormsAuthentication.SetAuthCookie(username, true);
                    return(Content.Create(User.Load(username) as User));
                }
            }

            throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
        }