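/// <summary>
/// Reports whether the auth ticket identified by <paramref name="Email"/> and
/// <paramref name="AuthToken"/> exists and has not yet expired.
/// </summary>
/// <param name="Email">E-mail address used to look up the member.</param>
/// <param name="AuthToken">Token of the ticket to look up for that member.</param>
/// <returns>
/// JSON produced by ActionValidationResults.JsonItem with IsValid and Expiration.
/// A missing member, a missing ticket and an expired ticket all yield IsValid = false,
/// so the client is redirected to the sign-in page.
/// </returns>
/// <remarks>
/// NOTE(review): if this action is reachable via GET, Email and AuthToken travel in the
/// query string and may end up in server or proxy logs; confirm how callers invoke it.
/// </remarks>
public ContentResult IsAuthTicketValid(string Email, string AuthToken)
{
    Member member = Members.GetByEmail(Email);

    // Fail closed: what GetByEmail / GetByMemberToken return for an unknown value is not
    // visible here. If either returns null, answer "invalid" exactly as for an unknown
    // token instead of failing with a NullReferenceException, so the response does not
    // differ between an unknown e-mail and a wrong token.
    AuthMemberTicket ticket = null;
    if (member != null)
    {
        ticket = AuthMemberTickets.GetByMemberToken(member.MemberID, AuthToken);
    }

    bool isValid = false;

    // Default used when no ticket (or no stored expiration) exists: a time already in the past.
    DateTime expiration = DateTime.Now.AddDays(-1);

    if (ticket != null)
    {
        // An id <= 0 means no session exists for the requested token.
        if (ticket.AuthMemberTicketID > 0)
        {
            // NOTE(review): compared against server-local time; presumably Expiration is
            // stored in local time as well. Confirm.
            if (ticket.Expiration < DateTime.Now)
            {
                // Expired tickets are removed so they cannot be presented again.
                ticket.Delete();
            }
            else
            {
                isValid = true;
            }
        }

        if (ticket.Expiration != DateTime.MinValue)
        {
            expiration = ticket.Expiration;
        }
    }

    string json = ActionValidationResults.JsonItem(new ActionValidationResult
    {
        IsValid = isValid,
        Expiration = expiration
    });

    return Content(json, TypeJson);
}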
/// <summary>
/// Checks whether the current request's forms-authentication ticket is still valid and
/// redirects to the single-sign-on sign-out URL when it is not.
/// </summary>
/// <remarks>
/// Any exception raised while the ticket is decrypted, deserialized or validated ends in
/// the same sign-out redirect, so a malformed cookie fails closed.
/// </remarks>
public static void IsAuthTicketValid()
{
    HttpContext hc = HttpContext.Current;
    HttpCookie authCookie = hc.Request.Cookies[FormsAuthentication.FormsCookieName];

    try
    {
        if (hc.User.Identity.IsAuthenticated)
        {
            // NOTE(review): sign-out is driven by a plain query-string flag. If cross-site
            // GET requests reach this check, a third-party link could sign the user out.
            // Confirm that this is acceptable.
            bool signedOutRequested = hc.Request.QueryString["signedout"] == "1";

            if (signedOutRequested)
            {
                DoCrossDomainSingleSingOut(hc);
                hc.Response.Redirect(Tools.SingleSignOnRedirectUrl(SingleSignOnRedirectTo.SignOut, hc.Request.Url.PathAndQuery));
            }
            else if (authCookie != null)
            {
                JavaScriptSerializer json = new JavaScriptSerializer();

                // UserData is read only from the ticket returned by FormsAuthentication.Decrypt.
                FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);
                AuthMemberToken session = json.Deserialize<AuthMemberToken>(ticket.UserData);

                ActionValidationResult validation = ActionValidationResults.IsAuthTicketValid(session.MemberEmail, session.Token);

                if (!validation.IsValid)
                {
                    hc.Response.Redirect(Tools.SingleSignOnRedirectUrl(SingleSignOnRedirectTo.SignOut, hc.Request.Url.PathAndQuery));
                }
                else if (ticket.Expiration < validation.Expiration)
                {
                    // Renew auth cookie with ticket.
                    // FormsAuthentication.SlidingExpiration
                    // Not implemented: the cookie is left as it is.
                }
            }
        }
    }
    catch
    {
        // NOTE(review): this bare catch also intercepts the ThreadAbortException that
        // Response.Redirect raises when it ends the response, and it discards the cause of
        // every other failure (e.g. a cookie that does not decrypt). Consider logging the
        // exception so such events are visible to monitoring.
        hc.Response.Redirect(Tools.SingleSignOnRedirectUrl(SingleSignOnRedirectTo.SignOut, hc.Request.Url.PathAndQuery));
    }
}