Ejemplo n.º 1
0
        /// <summary>
        /// Authenticate User from Active directory based on his email address and password 
        /// </summary>
        /// <param name="emailAddress">Email Address</param>
        /// <param name="password">Password</param>
        /// <returns>Session</returns>
        public Session AuthenticateUserUsingCredentials( AuthDataRequest authData )
        {
            UserInfoResponse userInfo = new UserInfoResponse();
            string emailAddress = authData.username;
            string password = authData.password;

            Session stat = new Session();

            string msg = string.Empty;

            if ( string.IsNullOrEmpty( emailAddress ) || string.IsNullOrEmpty( password ) )
            {
                stat.Message = "Email and/or password can't be empty!";
                stat.IsAuthenticated = false;

                return stat;
            }
            try
            {
                userInfo = GetUserAttributes( emailAddress );

                if ( userInfo == null )
                {
                    stat.Message = "Error: Couldn't fetch user information!";
                    stat.IsAuthenticated = false;

                    return stat;
                }

                var directoryEntry = new DirectoryEntry( LocalGcUri , userInfo.Upn , password );

                directoryEntry.AuthenticationType = AuthenticationTypes.None;

                var localFilter = string.Format( AdSearchFilter , emailAddress );

                var localSearcher = new DirectorySearcher( directoryEntry );

                localSearcher.PropertiesToLoad.Add( "mail" );
                localSearcher.Filter = localFilter;

                var result = localSearcher.FindOne();

                if ( result != null )
                {
                    stat.Message = "You have logged in successfully!";
                    stat.IsAuthenticated = true;

                    //Set the session Data
                    SessionData session = new SessionData();

                    session.Username = userInfo.EmailAddress;
                    session.Password = password;
                    session.SessionStart = DateTime.Now;

                    //Encrypt Session Data
                    stat.SessionKey = SessionHandler.EncryptSession( session );

                    return stat;
                }

                stat.Message = "Login failed, please try again.";
                stat.IsAuthenticated = false;

                return stat;
            }
            catch ( Exception ex )
            {
                stat.Message = "Wrong Email and/or Password " + ex;
                stat.IsAuthenticated = false;

                return stat;
            }
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Validate Session Key if it is valid and if it is not expired
        /// </summary>
        /// <param name="sessionKey"></param>
        /// <returns></returns>
        public Session ValidateSession( string sessionKey )
        {
            Session stat = new Session();

            if ( string.IsNullOrWhiteSpace( sessionKey ) )
            {
                stat.Message = "No Session key has been provide";
                stat.IsAuthenticated = false;

                return stat;
            }
            else
            {
                try
                {
                    SessionData sessionData = SessionHandler.DecryptSession( sessionKey );

                    if ( sessionKey != null && ( ( DateTime.Now.Subtract( sessionData.SessionStart ) ).TotalHours < SessionTTL ) )
                    {
                        stat.Message = "You have logged in successfully!";
                        stat.IsAuthenticated = true;
                        stat.SessionKey = sessionKey;
                        return stat;
                    }
                    else
                    {
                        AuthDataRequest authData = new AuthDataRequest();
                        authData.username = sessionData.Username;
                        authData.password = sessionData.Password;

                        stat = AuthenticateUserUsingCredentials( authData );
                        stat.Message = "You have logged in successfully!, and Session key has been renewed";

                        return stat;
                    }
                }
                catch ( Exception ex )
                {
                    stat.Message = "Couldn't validate Session key, kinldy authenticate first " + ex;
                    stat.IsAuthenticated = false;

                    return stat;
                }
            }
        }