/// <summary>
        /// Changes the authentication-cookie lifetime stored for the current tenant and issues a
        /// fresh auth cookie to the calling account.
        /// </summary>
        /// <param name="lifeTime">
        /// New lifetime value. A positive value is stored as-is and the tenant cookie index is
        /// advanced; any other value stores a lifetime of 0 and leaves the index untouched.
        /// </param>
        /// <exception cref="SecurityException">The current account is not in the admin group.</exception>
        public static void SetLifeTime(int lifeTime)
        {
            // Authorization gate: only members of the admin group may change tenant cookie policy.
            var callerIsAdmin = CoreContext.UserManager.IsUserInGroup(SecurityContext.CurrentAccount.ID, Constants.GroupAdmin.ID);
            if (!callerIsAdmin)
            {
                throw new SecurityException();
            }

            var tenantId       = TenantProvider.CurrentTenantID;
            var cookieSettings = TenantCookieSettings.GetForTenant(tenantId);

            var hasPositiveLifeTime = lifeTime > 0;
            if (hasPositiveLifeTime)
            {
                // Presumably the index is compared against the value embedded in issued cookies,
                // so advancing it invalidates cookies issued earlier - confirm against the validator.
                cookieSettings.Index++;
            }

            // NOTE(review): no upper bound is applied to lifeTime here; confirm callers validate the range.
            cookieSettings.LifeTime = hasPositiveLifeTime ? lifeTime : 0;

            TenantCookieSettings.SetForTenant(tenantId, cookieSettings);

            // Re-issue the caller's own auth cookie after the settings were saved.
            var freshCookie = SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount.ID);
            SetCookies(CookiesType.AuthKey, freshCookie);
        }
Ejemplo n.º 2
        /// <summary>
        /// Changes the authentication-cookie lifetime stored for the current tenant, logs out the
        /// tenant's active connections when a positive lifetime is set, and re-authenticates the caller.
        /// </summary>
        /// <param name="lifeTime">
        /// New lifetime value. A positive value is stored as-is and the tenant cookie index is
        /// advanced; any other value stores a lifetime of 0 and leaves the index untouched.
        /// </param>
        /// <exception cref="SecurityException">The current account is not in the admin group.</exception>
        public static void SetLifeTime(int lifeTime)
        {
            // Authorization gate: only members of the admin group may change tenant cookie policy.
            var callerIsAdmin = CoreContext.UserManager.IsUserInGroup(SecurityContext.CurrentAccount.ID, Constants.GroupAdmin.ID);
            if (!callerIsAdmin)
            {
                throw new SecurityException();
            }

            var tenantId       = TenantProvider.CurrentTenantID;
            var cookieSettings = TenantCookieSettings.GetForTenant(tenantId);

            var hasPositiveLifeTime = lifeTime > 0;
            if (hasPositiveLifeTime)
            {
                // Presumably advancing the index invalidates cookies issued under the old value -
                // confirm against the cookie validator.
                cookieSettings.Index++;
            }
            cookieSettings.LifeTime = hasPositiveLifeTime ? lifeTime : 0;

            // Persist first, so the logout and the re-authentication below run with the saved settings.
            TenantCookieSettings.SetForTenant(tenantId, cookieSettings);

            if (hasPositiveLifeTime)
            {
                // Server-side session records are closed only when the index was advanced.
                DbLoginEventsManager.LogOutAllActiveConnectionsForTenant(tenantId);
            }

            // The caller gets a new cookie; the action is recorded as a successful login.
            AuthenticateMeAndSetCookies(tenantId, SecurityContext.CurrentAccount.ID, MessageAction.LoginSuccess);
        }
Ejemplo n.º 3
        /// <summary>
        /// Builds an encrypted authentication cookie for a user, filling in the tenant cookie index,
        /// the per-user cookie index and the expiry from the stored cookie settings.
        /// </summary>
        /// <param name="tenant">Tenant the cookie is issued for.</param>
        /// <param name="userid">User the cookie is issued for.</param>
        /// <param name="login">Optional login forwarded to the full overload.</param>
        /// <param name="password">Optional password forwarded to the full overload.</param>
        /// <returns>The value returned by the seven-argument EncryptCookie overload.</returns>
        public static string EncryptCookie(int tenant, Guid userid, string login = null, string password = null)
        {
            var tenantSettings = TenantCookieSettings.GetForTenant(tenant);

            // Expiry is computed in UTC: one year when the tenant settings are the defaults,
            // otherwise LifeTime minutes from now.
            DateTime expiresUtc;
            if (tenantSettings.IsDefault())
            {
                expiresUtc = DateTime.UtcNow.AddYears(1);
            }
            else
            {
                expiresUtc = DateTime.UtcNow.AddMinutes(tenantSettings.LifeTime);
            }

            var userSettings = TenantCookieSettings.GetForUser(tenant, userid);

            // NOTE(review): login and password are handed to the cookie builder; confirm whether the
            // password itself ends up inside the cookie payload and how that payload is protected.
            return EncryptCookie(tenant, userid, login, password, tenantSettings.Index, expiresUtc, userSettings.Index);
        }
Ejemplo n.º 4
        /// <summary>
        /// Builds an encrypted authentication cookie for a user, filling in the tenant cookie index,
        /// the per-user cookie index and the expiry from the stored cookie settings.
        /// </summary>
        /// <param name="tenant">Tenant the cookie is issued for.</param>
        /// <param name="userid">User the cookie is issued for.</param>
        /// <returns>The value returned by the five-argument EncryptCookie overload.</returns>
        public static string EncryptCookie(int tenant, Guid userid)
        {
            var tenantSettings = TenantCookieSettings.GetForTenant(tenant);
            var expiresAt      = TenantCookieSettings.GetExpiresTime(tenant);
            var userSettings   = TenantCookieSettings.GetForUser(tenant, userid);

            // Both indexes travel inside the cookie; presumably the validator compares them with the
            // stored values so that advancing either one revokes older cookies - confirm.
            var tenantIndex = tenantSettings.Index;
            var userIndex   = userSettings.Index;

            return EncryptCookie(tenant, userid, tenantIndex, expiresAt, userIndex);
        }
Ejemplo n.º 5
        /// <summary>
        /// Computes the expiry date for a cookie from the current tenant's cookie settings.
        /// </summary>
        /// <param name="session">When true no settings are read and DateTime.MinValue is returned.</param>
        /// <returns>
        /// DateTime.MinValue for a session cookie; otherwise local time plus one year when the tenant
        /// settings are the defaults, or local time plus LifeTime minutes.
        /// </returns>
        private static DateTime GetExpiresDate(bool session)
        {
            if (session)
            {
                // Presumably MinValue means "no explicit expiry" to the code that writes the cookie - confirm.
                return DateTime.MinValue;
            }

            var tenantId       = CoreContext.TenantManager.GetCurrentTenant().TenantId;
            var cookieSettings = TenantCookieSettings.GetForTenant(tenantId);

            // Local time (DateTime.Now) is used here, not UTC.
            if (cookieSettings.IsDefault())
            {
                return DateTime.Now.AddYears(1);
            }

            return DateTime.Now.AddMinutes(cookieSettings.LifeTime);
        }
Ejemplo n.º 6
        /// <summary>
        /// Stores a new authentication-cookie lifetime for the current tenant and issues a fresh
        /// auth cookie to the calling account.
        /// </summary>
        /// <param name="lifeTime">
        /// New lifetime value. A positive value advances the tenant cookie index and is stored;
        /// any other value passes null settings to SetForTenant.
        /// </param>
        public static void SetLifeTime(int lifeTime)
        {
            // NOTE(review): this method performs no authorization check of its own; confirm that
            // every caller restricts it to tenant administrators.
            var tenantId = TenantProvider.CurrentTenantID;

            TenantCookieSettings updated = null;
            if (lifeTime > 0)
            {
                updated = TenantCookieSettings.GetForTenant(tenantId);
                updated.Index++;
                updated.LifeTime = lifeTime;
            }

            // For a non-positive lifeTime this call receives null; presumably that resets the tenant
            // to default settings - verify against SetForTenant.
            TenantCookieSettings.SetForTenant(tenantId, updated);

            // Re-issue the caller's own auth cookie after the settings were saved.
            var freshCookie = SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount.ID);
            SetCookies(CookiesType.AuthKey, freshCookie);
        }
Ejemplo n.º 7
        /// <summary>
        /// Advances the current tenant's cookie index, logs out the tenant's active connections and
        /// re-authenticates the calling administrator.
        /// </summary>
        /// <exception cref="SecurityException">The current account is not in the admin group.</exception>
        public static void ResetTenantCookie()
        {
            var callerId = SecurityContext.CurrentAccount.ID;

            // Authorization gate: only members of the admin group may reset tenant cookies.
            var callerIsAdmin = CoreContext.UserManager.IsUserInGroup(callerId, Constants.GroupAdmin.ID);
            if (!callerIsAdmin)
            {
                throw new SecurityException();
            }

            var tenantId       = TenantProvider.CurrentTenantID;
            var cookieSettings = TenantCookieSettings.GetForTenant(tenantId);

            // Presumably advancing the index invalidates cookies issued under the old value -
            // confirm against the cookie validator.
            cookieSettings.Index++;
            TenantCookieSettings.SetForTenant(tenantId, cookieSettings);

            // Close the server-side session records after the new index is saved.
            DbLoginEventsManager.LogOutAllActiveConnectionsForTenant(tenantId);

            // The caller gets a new cookie; the action is recorded as a successful login.
            AuthenticateMeAndSetCookies(tenantId, callerId, MessageAction.LoginSuccess);
        }
Ejemplo n.º 8
 /// <summary>
 /// Reads the authentication-cookie lifetime stored for the current tenant.
 /// </summary>
 /// <returns>The LifeTime value of the current tenant's cookie settings.</returns>
 public static int GetLifeTime()
 {
     var tenantId       = TenantProvider.CurrentTenantID;
     var cookieSettings = TenantCookieSettings.GetForTenant(tenantId);

     return cookieSettings.LifeTime;
 }
Ejemplo n.º 9
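        /// <summary>
        /// Authenticates the current request from an encrypted authentication cookie.
        /// </summary>
        /// <param name="cookie">Raw cookie value. Null, empty or the bare word "Bearer" is rejected.</param>
        /// <returns>
        /// true when the cookie decrypts, belongs to the current tenant, carries the current tenant
        /// and user cookie indexes, has not expired and the inner authentication call succeeds;
        /// false in every other case, including when authentication throws.
        /// </returns>
        /// <remarks>
        /// Log statements deliberately leave out the password and the raw cookie value: both are
        /// credentials, and anyone able to read the log could replay them.
        /// </remarks>
        public static bool AuthenticateMe(string cookie)
        {
            if (string.IsNullOrEmpty(cookie))
            {
                return false;
            }

            int      tenant;
            Guid     userid;
            string   login;
            string   password;
            int      indexTenant;
            DateTime expire;
            int      indexUser;

            // Ordinal comparison: this is a protocol token, not linguistic text, so culture rules
            // (which ignore some characters) must not take part in the match.
            if (cookie.Equals("Bearer", StringComparison.Ordinal))
            {
                var ipFrom  = string.Empty;
                var address = string.Empty;
                if (HttpContext.Current != null)
                {
                    var request = HttpContext.Current.Request;
                    // X-Forwarded-For is supplied by the client unless a trusted proxy overwrites it;
                    // it is used here as log context only and must not drive any decision.
                    ipFrom  = "from " + (request.Headers["X-Forwarded-For"] ?? request.UserHostAddress);
                    address = "for " + request.GetUrlRewriter();
                }
                log.InfoFormat("Empty Bearer cookie: {0} {1}", ipFrom, address);
                return false;
            }

            if (!CookieStorage.DecryptCookie(cookie, out tenant, out userid, out login, out password, out indexTenant, out expire, out indexUser))
            {
                var ipFrom  = string.Empty;
                var address = string.Empty;
                if (HttpContext.Current != null)
                {
                    var request = HttpContext.Current.Request;
                    address = "for " + request.GetUrlRewriter();
                    // Client-controlled header, log context only (see the note in the Bearer branch).
                    ipFrom  = "from " + (request.Headers["X-Forwarded-For"] ?? request.UserHostAddress);
                }
                // Only the length is logged: the value is attacker-controllable input and may still be
                // a usable token elsewhere (another environment, a previous key).
                log.WarnFormat("Can not decrypt cookie: length {0} {1} {2}", cookie.Length, ipFrom, address);
                return false;
            }

            // A cookie issued for another tenant is never accepted here.
            if (tenant != CoreContext.TenantManager.GetCurrentTenant().TenantId)
            {
                return false;
            }

            // The tenant index embedded in the cookie must match the stored one, so cookies issued
            // before the index was advanced are refused.
            var settingsTenant = TenantCookieSettings.GetForTenant(tenant);
            if (indexTenant != settingsTenant.Index)
            {
                return false;
            }

            // DateTime.MaxValue is treated as "never expires"; anything else is compared in UTC.
            if (expire != DateTime.MaxValue && expire < DateTime.UtcNow)
            {
                return false;
            }

            try
            {
                if (userid != Guid.Empty)
                {
                    // Same revocation rule as for the tenant, applied per user.
                    var settingsUser = TenantCookieSettings.GetForUser(userid);
                    if (indexUser != settingsUser.Index)
                    {
                        return false;
                    }

                    AuthenticateMe(new UserAccount(new UserInfo {
                        ID = userid
                    }, tenant));
                }
                else
                {
                    // No user id in the cookie: fall back to the login/password it carried.
                    AuthenticateMe(login, password);
                }
                return true;
            }
            catch (InvalidCredentialException ice)
            {
                log.DebugFormat("{0}: tenant {1}, userid {2}, login {3}",
                                ice.Message, tenant, userid, login);
            }
            catch (SecurityException se)
            {
                log.DebugFormat("{0}: tenant {1}, userid {2}, login {3}",
                                se.Message, tenant, userid, login);
            }
            catch (Exception err)
            {
                log.ErrorFormat("Authenticate error: tenant {0}, userid {1}, login {2}: {3}",
                                tenant, userid, login, err);
            }

            return false;
        }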
Ejemplo n.º 10
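        /// <summary>
        /// Authenticates the current request from an encrypted authentication cookie.
        /// </summary>
        /// <param name="cookie">Raw cookie value. Null or empty is rejected.</param>
        /// <returns>
        /// true when the cookie decrypts, belongs to the current tenant, passes the tenant and user
        /// index checks, has not expired and the inner authentication call succeeds; false in every
        /// other case, including when authentication throws.
        /// </returns>
        /// <remarks>
        /// Log statements deliberately leave out the password and the raw cookie value: both are
        /// credentials, and anyone able to read the log could replay them.
        /// </remarks>
        public static bool AuthenticateMe(string cookie)
        {
            if (string.IsNullOrEmpty(cookie))
            {
                return false;
            }

            int      tenant;
            Guid     userid;
            string   login;
            string   password;
            int      indexTenant;
            DateTime expire;
            int      indexUser;

            if (!CookieStorage.DecryptCookie(cookie, out tenant, out userid, out login, out password, out indexTenant, out expire, out indexUser))
            {
                // Only the length is logged: the value is attacker-controllable input and may still be
                // a usable token elsewhere (another environment, a previous key).
                log.WarnFormat("Can not decrypt cookie: length {0}", cookie.Length);
                return false;
            }

            // A cookie issued for another tenant is never accepted here.
            if (tenant != CoreContext.TenantManager.GetCurrentTenant().TenantId)
            {
                return false;
            }

            // NOTE(review): the index comparison is skipped while the tenant settings report
            // IsDefault(); confirm that advancing the index can never leave the settings in the
            // default state, otherwise cookies issued earlier would still be accepted.
            var settingsTenant = TenantCookieSettings.GetForTenant(tenant);
            if (!settingsTenant.IsDefault() && indexTenant != settingsTenant.Index)
            {
                return false;
            }

            // DateTime.MaxValue is treated as "never expires"; anything else is compared in UTC.
            if (expire != DateTime.MaxValue && expire < DateTime.UtcNow)
            {
                return false;
            }

            try
            {
                if (userid != Guid.Empty)
                {
                    // Same rule per user, with the same IsDefault() exemption as for the tenant.
                    var settingsUser = TenantCookieSettings.GetForUser(userid);
                    if (!settingsUser.IsDefault() && indexUser != settingsUser.Index)
                    {
                        return false;
                    }

                    AuthenticateMe(new UserAccount(new UserInfo {
                        ID = userid
                    }, tenant));
                }
                else
                {
                    // No user id in the cookie: fall back to the login/password it carried.
                    AuthenticateMe(login, password);
                }
                return true;
            }
            catch (InvalidCredentialException ice)
            {
                log.DebugFormat("{0}: tenant {1}, userid {2}, login {3}",
                                ice.Message, tenant, userid, login);
            }
            catch (SecurityException se)
            {
                log.DebugFormat("{0}: tenant {1}, userid {2}, login {3}",
                                se.Message, tenant, userid, login);
            }
            catch (Exception err)
            {
                log.ErrorFormat("Authenticate error: tenant {0}, userid {1}, login {2}: {3}",
                                tenant, userid, login, err);
            }

            return false;
        }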