Ejemplo n.º 1
0
        [Create(@"{code}", false, false)] //NOTE: this method doesn't requires auth!!!  //NOTE: this method doesn't check payment!!!
        public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string code)
        {
            bool viaEmail;
            var  user = GetUser(userName, password, provider, accessToken, out viaEmail);

            try
            {
                SmsManager.ValidateSmsCode(user, code);

                var token = SecurityContext.AuthenticateMe(user.ID);

                MessageService.Send(Request, MessageAction.LoginSuccessViaApiSms);

                var tenant  = CoreContext.TenantManager.GetCurrentTenant().TenantId;
                var expires = TenantCookieSettings.GetExpiresTime(tenant);

                return(new AuthenticationTokenData
                {
                    Token = token,
                    Expires = new ApiDateTime(expires),
                    Sms = true,
                    PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone)
                });
            }
            catch
            {
                MessageService.Send(Request, user.DisplayUserName(false), MessageAction.LoginFailViaApiSms, MessageTarget.Create(user.ID));
                throw new AuthenticationException("User authentication failed");
            }
            finally
            {
                SecurityContext.Logout();
            }
        }
Ejemplo n.º 2
0
        public static string EncryptCookie(int tenant, Guid userid)
        {
            var settingsTenant = TenantCookieSettings.GetForTenant(tenant);
            var expires        = TenantCookieSettings.GetExpiresTime(tenant);
            var settingsUser   = TenantCookieSettings.GetForUser(tenant, userid);

            return(EncryptCookie(tenant, userid, settingsTenant.Index, expires, settingsUser.Index));
        }
Ejemplo n.º 3
0
        private static DateTime GetExpiresDate(bool session)
        {
            var expires = DateTime.MinValue;

            if (!session)
            {
                var tenant = CoreContext.TenantManager.GetCurrentTenant().TenantId;
                expires = TenantCookieSettings.GetExpiresTime(tenant);
            }

            return(expires);
        }
Ejemplo n.º 4
0
        [Create(@"", false, false)] //NOTE: this method doesn't requires auth!!!  //NOTE: this method doesn't check payment!!!
        public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken)
        {
            bool viaEmail;
            var  user = GetUser(userName, password, provider, accessToken, out viaEmail);

            if (!StudioSmsNotificationSettings.IsVisibleSettings || !StudioSmsNotificationSettings.Enable)
            {
                try
                {
                    var token = SecurityContext.AuthenticateMe(user.ID);

                    MessageService.Send(Request, viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount);

                    var tenant  = CoreContext.TenantManager.GetCurrentTenant().TenantId;
                    var expires = TenantCookieSettings.GetExpiresTime(tenant);

                    return(new AuthenticationTokenData
                    {
                        Token = token,
                        Expires = new ApiDateTime(expires)
                    });
                }
                catch
                {
                    MessageService.Send(Request, user.DisplayUserName(false), viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount);
                    throw new AuthenticationException("User authentication failed");
                }
                finally
                {
                    SecurityContext.Logout();
                }
            }

            if (string.IsNullOrEmpty(user.MobilePhone) || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated)
            {
                return new AuthenticationTokenData
                       {
                           Sms = true
                       }
            }
            ;

            SmsManager.PutAuthCode(user, false);

            return(new AuthenticationTokenData
            {
                Sms = true,
                PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
                Expires = new ApiDateTime(DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval))
            });
        }
Ejemplo n.º 5
0
        public AuthenticationTokenData AuthenticateMe([FromBody] AuthModel auth)
        {
            var tenant = CoreContext.TenantManager.GetCurrentTenant();
            var user   = GetUser(tenant.TenantId, auth.UserName, auth.Password);

            try
            {
                var token   = SecurityContext.AuthenticateMe(tenant.TenantId, user.ID);
                var expires = TenantCookieSettings.GetExpiresTime(tenant.TenantId);

                return(new AuthenticationTokenData
                {
                    Token = token,
                    Expires = expires
                });
            }
            catch
            {
                throw new Exception("User authentication failed");
            }
        }
Ejemplo n.º 6
0
        [Create(@"{code}", false, false)] //NOTE: This method doesn't require auth!!!  //NOTE: This method doesn't check payment!!!
        public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string code, string codeOAuth)
        {
            bool viaEmail;
            var  user = GetUser(userName, password, provider, accessToken, out viaEmail, codeOAuth);

            var sms = false;

            try
            {
                if (StudioSmsNotificationSettings.IsVisibleAndAvailableSettings && StudioSmsNotificationSettings.Enable)
                {
                    sms = true;

                    SmsManager.ValidateSmsCode(user, code, true);
                }
                else if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable)
                {
                    if (user.ValidateAuthCode(code, true, true))
                    {
                        MessageService.Send(Request, MessageAction.UserConnectedTfaApp, MessageTarget.Create(user.ID));
                    }
                }
                else
                {
                    throw new SecurityException("Auth code is not available");
                }

                var token   = CookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.ID, MessageAction.LoginSuccess);
                var tenant  = CoreContext.TenantManager.GetCurrentTenant().TenantId;
                var expires = TenantCookieSettings.GetExpiresTime(tenant);

                var result = new AuthenticationTokenData
                {
                    Token   = token,
                    Expires = new ApiDateTime(expires)
                };

                if (sms)
                {
                    result.Sms        = true;
                    result.PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone);
                }
                else
                {
                    result.Tfa = true;
                }

                return(result);
            }
            catch
            {
                MessageService.Send(Request, user.DisplayUserName(false), sms
                                                                              ? MessageAction.LoginFailViaApiSms
                                                                              : MessageAction.LoginFailViaApiTfa,
                                    MessageTarget.Create(user.ID));
                throw new AuthenticationException("User authentication failed");
            }
            finally
            {
                SecurityContext.Logout();
            }
        }