/// <summary>
/// Landing action: sends the browser on to the <c>Index</c> action of the
/// <c>Authentication</c> controller.
/// </summary>
/// <remarks>
/// DEBUG builds fabricate a sample <c>AuthRequestPayload</c> and pass it, encoded,
/// as the <c>AuthToken</c> route value so the sign-in flow can be exercised locally.
/// All other builds issue a permanent redirect that carries no token.
/// </remarks>
/// <returns>A redirect result targeting <c>Authentication/Index</c>.</returns>
public IActionResult Index()
{
#if DEBUG
    // Debug-only fixture. ResponseUri is plain-HTTP localhost, so the auth response
    // for this sample request is posted without transport protection; this branch
    // is compiled out of non-DEBUG builds by the preprocessor guard.
    var samplePayload = new AuthRequestPayload();
    samplePayload.RequestId = Guid.NewGuid();
    samplePayload.Source = "Home";
    samplePayload.RedirectUri = new Uri("https://andreihava.net");
    samplePayload.ResponseUri = new Uri("http://localhost/");

    var routeValues = new { AuthToken = samplePayload.Encode() };
    return RedirectToAction("Index", "Authentication", routeValues);
#else
    // A permanent redirect may be cached by the browser; no token is attached here.
    return RedirectToActionPermanent("Index", "Authentication");
#endif
}
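/// <summary>
/// Entry point of the sign-in flow. Dispatches on the query string:
/// no parameters redirects to the public site, <c>Email</c> renders the
/// authentication view pre-filled with that identity, and <c>AuthToken</c>
/// starts (or short-circuits) an authentication request.
/// </summary>
/// <remarks>
/// Every value read here (query string, cookies, Host header) is supplied by the
/// caller and is parsed defensively: malformed input yields a 400 or is ignored
/// instead of surfacing as an unhandled exception.
/// </remarks>
/// <returns>
/// A redirect, the <c>Authentication</c> view, or <c>400 Bad Request</c> when the
/// query string is not one of the supported shapes.
/// </returns>
public IActionResult Index()
{
    if (Request.Query.Count == 0)
    {
        return Redirect("https://andreihava.net/");
    }

    if (Request.Query.TryGetValue("Email", out var emailValues))
    {
        var email = emailValues.ToString();
        if (string.IsNullOrEmpty(email))
        {
            return BadRequest("Email parameter was defined but didn't have a value!");
        }

        // bool.Parse throws FormatException on anything other than true/false, which
        // turned a malformed flag into an unhandled 500. TryParse keeps it a 400.
        var newReg = false;
        if (Request.Query.TryGetValue("NewAccount", out var newAccountValues)
            && !bool.TryParse(newAccountValues.ToString(), out newReg))
        {
            return BadRequest("NewAccount parameter must be 'true' or 'false'!");
        }

        var pendingActivation = false;
        if (Request.Query.TryGetValue("PendingActivation", out var pendingValues)
            && !bool.TryParse(pendingValues.ToString(), out pendingActivation))
        {
            return BadRequest("PendingActivation parameter must be 'true' or 'false'!");
        }

        // NOTE(review): Email, NewAccount and PendingActivation are taken verbatim from
        // the URL; the view must treat them as display hints only and encode Email on output.
        var identity = new AuthenticationIdentity
        {
            Email = email,
            NewAccount = newReg,
            PendingActivation = pendingActivation
        };

        return View("Authentication", identity);
    }

    if (Request.Query.TryGetValue("AuthToken", out var authTokenValues))
    {
        var authToken = authTokenValues.ToString();
        if (string.IsNullOrEmpty(authToken))
        {
            return BadRequest("AuthToken parameter was defined but didn't have a value!");
        }

        // NOTE(review): Decode is not visible here. The decoded RedirectUri and ResponseUri
        // are used below as a redirect target and as the destination of the auth response,
        // so the token must be integrity-protected (or both URIs checked against the
        // registered relying parties) before they are trusted. Also confirm how Decode
        // reports a malformed token; an exception here would surface as a 500.
        var authRequest = AuthRequestPayload.Decode(authToken);

        // A missing or malformed SID cookie is treated as "no session" rather than
        // letting Guid.Parse throw on caller-controlled input.
        Session session = null;
        if (Request.Cookies.TryGetValue("SID", out var sidText)
            && Guid.TryParse(sidText, out var sid))
        {
            session = SessionStore.GetSession(sid);
        }

        if (session != null && session.IsValid())
        {
            // NOTE(review): assumes a valid session always carries "AuthPayload"; a session
            // created by an earlier unauthenticated visit may not - confirm what
            // GetAttribute returns in that case.
            var authResponse = session.GetAttribute<AuthResponsePayload>("AuthPayload");
            authResponse.RequestId = authRequest.RequestId;

            // Server-side POST of the session's auth payload to a URI taken from the token
            // (see the note on Decode above). The call blocks the request thread; the
            // action's synchronous signature is kept for existing callers.
            HttpHandler.Post(authRequest.ResponseUri, authResponse.Encode()).Wait();
            return Redirect(authRequest.RedirectUri.ToString());
        }

        session = SessionStore.CreateSession(TimeSpan.FromHours(12));
        session["AuthRequest"] = authRequest;

        // Secure follows the request scheme so the cookies are never sent over plain HTTP
        // once the site is served over HTTPS, while local HTTP debugging keeps working.
        // NOTE(review): Domain is derived from the client-supplied Host header and, once
        // set, makes the cookie visible to subdomains; confirm that is intended, otherwise
        // omit Domain to get a host-only cookie.
        var sessionCookie = new CookieOptions
        {
            Domain = Request.Host.Host,
            HttpOnly = true,
            Secure = Request.IsHttps,
            SameSite = SameSiteMode.Strict,
            Expires = DateTimeOffset.UtcNow.AddHours(12)
        };
        Response.Cookies.Append("SID", session.Guid.ToString(), sessionCookie);

        var requestCookie = new CookieOptions
        {
            Domain = Request.Host.Host,
            HttpOnly = true,
            Secure = Request.IsHttps,
            SameSite = SameSiteMode.Strict
        };
        Response.Cookies.Append("RID", authRequest.RequestId.ToString(), requestCookie);

        return View("Authentication", new AuthenticationIdentity());
    }

    return BadRequest();
}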