Ejemplo n.º 1
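        /// <summary>
        /// Creates and stores a new <c>SscisSession</c> for <paramref name="login"/>. When web
        /// authentication is switched off, or the login is the admin account, the session data is
        /// also copied into the ASP.NET HTTP session.
        /// </summary>
        /// <param name="login">Login of an existing user; the lookup throws unless exactly one user matches.</param>
        /// <param name="httpSession">Request context whose <c>Session</c> receives the session values.</param>
        /// <returns>Id of the stored session, cast to <see cref="int"/>.</returns>
        public int SessionStart(string login, HttpContext httpSession)
        {
            CleanSessions(login);

            // Resolve the owner first so a missing user fails before a session object is built.
            // NOTE(review): this match uses default string equality, while the Index action in
            // this listing checks for the user with OrdinalIgnoreCase. Confirm both lookups agree
            // for logins that differ only in case.
            var owner = db.SscisUser.Single(u => u.Login.Equals(login));

            // Parse the configured lifetime culture-independently: it is machine-readable data.
            var lifetimeSeconds = long.Parse(
                db.SscisParam.Single(p => p.ParamKey.Equals(SSCISParameters.SESSIONLENGTH)).ParamValue,
                System.Globalization.CultureInfo.InvariantCulture);

            // Read the clock once so Expiration is exactly SessionStart + lifetime.
            var startedAt = DateTime.Now;

            var session = new SscisSession
            {
                SessionStart     = startedAt,
                Expiration       = startedAt.AddSeconds(lifetimeSeconds),
                // NOTE(review): Hash is handed out as the session token. GenerateHash is not
                // visible here; confirm it draws from a cryptographic random source.
                Hash             = hashgenerator.GenerateHash(),
                IdUserNavigation = owner
            };

            db.SscisSession.Add(session);
            db.SaveChanges();

            var webAuthOn = BoolParser.Parse(
                db.SscisParam.Single(p => p.ParamKey.Equals(SSCISParameters.WEBAUTHON)).ParamValue);

            // The HTTP session is populated only when web auth is off or for the admin login.
            if (!webAuthOn || login.Equals(ADMIN))
            {
                httpSession.Session.SetInt32("sessionId", (int)session.Id);
                httpSession.Session.SetString("role", session.IdUserNavigation.IdRoleNavigation.Role);
                httpSession.Session.SetString("hash", session.Hash);
                httpSession.Session.SetString("login", login);
                httpSession.Session.SetInt32("userId", session.IdUser);
            }

            return (int)session.Id;
        }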
Ejemplo n.º 2
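        /// <summary>
        /// SSO authentication entry point (https://proxyauth.zcu.cz/testauth).
        /// Accepts the identity headers set by the authentication proxy, creates the user on first
        /// login, starts a session and renders the "Logged" view.
        /// </summary>
        /// <returns>
        /// The "Logged" view on success. A redirect to Entry/Info when the request did not come
        /// from the proxy, the auth header is missing, or no username was supplied.
        /// </returns>
        public ActionResult Index()
        {
            //Main proxy https://proxyauth.zcu.cz/testauth/
            //Backup https://fkmagion.zcu.cz/testauth/
            //Make sure this entry point is reachable only from proxyauth.zcu.cz (147.228.4.80)
            const string PROXY_IP = "147.228.4.80";

            var headerValue = Request.Headers[WEB_AUTH_USER];

            // The identity headers are trusted only because of this peer check, so it must fail
            // closed. A missing address is rejected rather than dereferenced, and an IPv4-mapped
            // IPv6 peer (::ffff:a.b.c.d) is normalised so the same host compares equal.
            // NOTE(review): if forwarded-headers middleware rewrites RemoteIpAddress from
            // X-Forwarded-For, this check is only as strong as that middleware's trusted-proxy list.
            var remote = HttpContext.Connection.RemoteIpAddress;
            if (remote != null && remote.IsIPv4MappedToIPv6)
            {
                remote = remote.MapToIPv4();
            }
            bool fromProxy = remote != null && remote.ToString() == PROXY_IP;

            if (!headerValue.Any() || !fromProxy)
            {
                return RedirectToAction("Info", "Entry");
            }

            string username   = Request.Headers[USERNAME_KEY];
            string firstName  = Request.Headers[FIRST_NAME];
            string secondName = Request.Headers[SECOND_NAME];
            string email      = Request.Headers[EMAIL_KEY].ToString();

            // WEB_AUTH_USER being present does not guarantee USERNAME_KEY is. Without a login we
            // would create an account with a null login, or fail later in SessionStart.
            if (string.IsNullOrWhiteSpace(username))
            {
                return RedirectToAction("Info", "Entry");
            }

            //find user if already in database
            var count = db.SscisUser.Count(usr => usr.Login.Equals(username, StringComparison.OrdinalIgnoreCase));

            if (count < 1)
            {
                // First login through SSO: provision an active account with the default User role.
                var user = new SscisUser
                {
                    Created          = DateTime.Now,
                    Activated        = DateTime.Now,
                    Login            = username,
                    IsActive         = true,
                    Email            = email,
                    IdRoleNavigation = db.EnumRole.Single(r => r.Role.Equals(AuthorizationRoles.User, StringComparison.OrdinalIgnoreCase)),
                    Firstname        = firstName,
                    Lastname         = secondName
                };
                db.SscisUser.Add(user);
                db.SaveChanges();
            }

            //start session
            int sessionId = new SSCISSessionManager().SessionStart(username, HttpContext);

            ViewBag.SessionId = sessionId;
            SscisSession session = db.SscisSession.Find(sessionId);

            // NOTE(review): "redirect" is taken unvalidated from the query string and reaches the
            // view together with the session hash. The Logged view is not visible here; if it
            // navigates or posts to this URL, check it against an allow-list of known client
            // applications so the token cannot be sent to an arbitrary host.
            ViewBag.RedirectUrl = HttpContext.Request.Query["redirect"].ToString();
            ViewBag.UserId      = session.IdUser;
            ViewBag.Hash        = session.Hash;
            ViewBag.Role        = session.IdUserNavigation.IdRoleNavigation.Role;
            ViewBag.Login       = session.IdUserNavigation.Login;

            return View("Logged");
        }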