public static TPetraPrincipal PerformUserAuthentication(String AUserID, String APassword, string AClientComputerName, string AClientIPAddress, out Boolean ASystemEnabled, TDBTransaction ATransaction) { SUserRow UserDR; DateTime LoginDateTime; TPetraPrincipal PetraPrincipal = null; string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); IUserAuthentication AuthenticationAssembly; string AuthAssemblyErrorMessage; Int32 AProcessID = -1; ASystemEnabled = true; string EmailAddress = AUserID; if (EmailAddress.Contains("@")) { // try to find unique User for this e-mail address string sql = "SELECT s_user_id_c FROM PUB_s_user WHERE UPPER(s_email_address_c) = ?"; OdbcParameter[] parameters = new OdbcParameter[1]; parameters[0] = new OdbcParameter("EmailAddress", OdbcType.VarChar); parameters[0].Value = EmailAddress.ToUpper(); DataTable result = ATransaction.DataBaseObj.SelectDT(sql, "user", ATransaction, parameters); if (result.Rows.Count == 1) { AUserID = result.Rows[0][0].ToString(); } else { TLogging.Log("Login with E-Mail address failed for " + EmailAddress + ". " + "We found " + result.Rows.Count.ToString() + " matching rows for this address."); } } try { UserDR = LoadUser(AUserID, out PetraPrincipal, ATransaction); } catch (EUserNotExistantException) { TPetraIdentity PetraIdentity = new TPetraIdentity( "SYSADMIN", "", "", "", "", DateTime.MinValue, DateTime.MinValue, DateTime.MinValue, 0, -1, -1, false, false, false); UserInfo.GUserInfo = new TPetraPrincipal(PetraIdentity, null); // Logging TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_NONEXISTING_USER, String.Format(Catalog.GetString( "User with User ID '{0}' attempted to log in, but there is no user account for this user! "), AUserID) + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); // Only now throw the Exception! throw; } UserInfo.GUserInfo = PetraPrincipal; if ((AUserID == "SYSADMIN") && TSession.HasVariable("ServerAdminToken")) { // Login via server admin console authenticated by file token APassword = String.Empty; } // // (1) Check user-supplied password // else if (UserAuthenticationMethod == "OpenPetraDBSUser") { if (!TPasswordHelper.EqualsAntiTimingAttack( Convert.FromBase64String( CreateHashOfPassword(APassword, UserDR.PasswordSalt, UserDR.PwdSchemeVersion)), Convert.FromBase64String(UserDR.PasswordHash))) { // The password that the user supplied is wrong!!! --> Save failed user login attempt! // If the number of permitted failed logins in a row gets exceeded then also lock the user account! SaveFailedLogin(AUserID, UserDR, AClientComputerName, AClientIPAddress, ATransaction); if (UserDR.AccountLocked && (Convert.ToBoolean(UserDR[SUserTable.GetAccountLockedDBName(), DataRowVersion.Original]) != UserDR.AccountLocked)) { // User Account just got locked! throw new EUserAccountGotLockedException(StrInvalidUserIDPassword); } else { throw new EPasswordWrongException(StrInvalidUserIDPassword); } } } else { AuthenticationAssembly = LoadAuthAssembly(UserAuthenticationMethod); if (!AuthenticationAssembly.AuthenticateUser(EmailAddress, APassword, out AuthAssemblyErrorMessage)) { // The password that the user supplied is wrong!!! --> Save failed user login attempt! // If the number of permitted failed logins in a row gets exceeded then also lock the user account! SaveFailedLogin(AUserID, UserDR, AClientComputerName, AClientIPAddress, ATransaction); if (UserDR.AccountLocked && (Convert.ToBoolean(UserDR[SUserTable.GetAccountLockedDBName(), DataRowVersion.Original]) != UserDR.AccountLocked)) { // User Account just got locked! throw new EUserAccountGotLockedException(StrInvalidUserIDPassword); } else { throw new EPasswordWrongException(AuthAssemblyErrorMessage); } } } // // (2) Check if the User Account is Locked or if the user is 'Retired'. If either is true then deny the login!!! // // IMPORTANT: We perform these checks only AFTER the check for the correctness of the password so that every // log-in attempt that gets rejected on grounds of a wrong password takes the same amount of time (to help prevent // an attack vector called 'timing attack') if (PetraPrincipal.PetraIdentity.AccountLocked || PetraPrincipal.PetraIdentity.Retired) { if (PetraPrincipal.PetraIdentity.AccountLocked) { // Logging TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_LOCKED_USER, Catalog.GetString("User attempted to log in, but the user account was locked! ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); // Only now throw the Exception! throw new EUserAccountLockedException(StrInvalidUserIDPassword); } else { // Logging TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_RETIRED_USER, Catalog.GetString("User attempted to log in, but the user is retired! ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); // Only now throw the Exception! throw new EUserRetiredException(StrInvalidUserIDPassword); } } // // (3) Check SystemLoginStatus (whether the general use of the OpenPetra application is enabled/disabled) in the // SystemStatus table (this table always holds only a single record) // SSystemStatusTable SystemStatusDT; SystemStatusDT = SSystemStatusAccess.LoadAll(ATransaction); if (SystemStatusDT[0].SystemLoginStatus) { ASystemEnabled = true; } else { ASystemEnabled = false; // TODO: Check for Security Group membership might need reviewal when security model of OpenPetra might get reviewed... if (PetraPrincipal.IsInGroup("SYSADMIN")) { PetraPrincipal.LoginMessage = String.Format(StrSystemDisabled1, SystemStatusDT[0].SystemDisabledReason) + Environment.NewLine + Environment.NewLine + StrSystemDisabled2Admin; } else { TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_WHEN_SYSTEM_WAS_DISABLED, Catalog.GetString("User wanted to log in, but the System was disabled. ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); TLoginLog.RecordUserLogout(AUserID, AProcessID, ATransaction); throw new ESystemDisabledException(String.Format(StrSystemDisabled1, SystemStatusDT[0].SystemDisabledReason) + Environment.NewLine + Environment.NewLine + String.Format(StrSystemDisabled2, StringHelper.DateToLocalizedString(SystemStatusDT[0].SystemAvailableDate.Value), SystemStatusDT[0].SystemAvailableDate.Value.AddSeconds(SystemStatusDT[0].SystemAvailableTime).ToShortTimeString())); } } // // (4) Save successful login! // LoginDateTime = DateTime.Now; UserDR.LastLoginDate = LoginDateTime; UserDR.LastLoginTime = Conversions.DateTimeToInt32Time(LoginDateTime); UserDR.FailedLogins = 0; // this needs resetting! // Upgrade the user's password hashing scheme if it is older than the current password hashing scheme if (APassword != String.Empty && UserDR.PwdSchemeVersion < TPasswordHelper.CurrentPasswordSchemeNumber) { TMaintenanceWebConnector.SetNewPasswordHashAndSaltForUser(UserDR, APassword, AClientComputerName, AClientIPAddress, ATransaction); } SaveUser(AUserID, (SUserTable)UserDR.Table, ATransaction); PetraPrincipal.PetraIdentity.CurrentLogin = LoginDateTime; //PetraPrincipal.PetraIdentity.FailedLogins = 0; // TODO: Check for Security Group membership might need reviewal when security model of OpenPetra might get reviewed... if (PetraPrincipal.IsInGroup("SYSADMIN")) { TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_SUCCESSFUL_SYSADMIN, Catalog.GetString("User login - SYSADMIN privileges. ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); } else { TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_SUCCESSFUL, Catalog.GetString("User login. ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); } PetraPrincipal.ProcessID = AProcessID; AProcessID = 0; // // (5) Check if a password change is requested for this user // if (UserDR.PasswordNeedsChange) { // The user needs to change their password before they can use OpenPetra PetraPrincipal.LoginMessage = SharedConstants.LOGINMUSTCHANGEPASSWORD; } return(PetraPrincipal); }
public static bool PerformUserAuthentication(String AUserID, String APassword, string AClientComputerName, string AClientIPAddress, out Boolean ASystemEnabled, TDBTransaction ATransaction) { SUserRow UserDR; DateTime LoginDateTime; TPetraPrincipal PetraPrincipal = null; string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false); IUserAuthentication AuthenticationAssembly; string AuthAssemblyErrorMessage; Int32 AProcessID = -1; ASystemEnabled = true; CheckDatabaseVersion(ATransaction.DataBaseObj); string EmailAddress = AUserID; try { UserDR = LoadUser(AUserID, out PetraPrincipal, ATransaction); } catch (EUserNotExistantException) { // pass ATransaction UserInfo.SetUserInfo(new TPetraPrincipal("SYSADMIN")); // Logging TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_NONEXISTING_USER, String.Format(Catalog.GetString( "User with User ID '{0}' attempted to log in, but there is no user account for this user! "), AUserID) + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); // Only now throw the Exception! throw; } // pass ATransaction UserInfo.SetUserInfo(PetraPrincipal); if (AUserID == "SELFSERVICE") { APassword = String.Empty; } else if ((AUserID == "SYSADMIN") && TSession.HasVariable("ServerAdminToken")) { // Login via server admin console authenticated by file token APassword = String.Empty; } // // (1) Check user-supplied password // else if (UserAuthenticationMethod == "OpenPetraDBSUser") { if (!TPasswordHelper.EqualsAntiTimingAttack( Convert.FromBase64String( CreateHashOfPassword(APassword, UserDR.PasswordSalt, UserDR.PwdSchemeVersion)), Convert.FromBase64String(UserDR.PasswordHash))) { // The password that the user supplied is wrong!!! --> Save failed user login attempt! // If the number of permitted failed logins in a row gets exceeded then also lock the user account! SaveFailedLogin(AUserID, UserDR, AClientComputerName, AClientIPAddress, ATransaction); if (UserDR.AccountLocked && (Convert.ToBoolean(UserDR[SUserTable.GetAccountLockedDBName(), DataRowVersion.Original]) != UserDR.AccountLocked)) { // User Account just got locked! throw new EUserAccountGotLockedException(StrInvalidUserIDPassword); } else { throw new EPasswordWrongException(StrInvalidUserIDPassword); } } } else { AuthenticationAssembly = LoadAuthAssembly(UserAuthenticationMethod); if (!AuthenticationAssembly.AuthenticateUser(EmailAddress, APassword, out AuthAssemblyErrorMessage)) { // The password that the user supplied is wrong!!! --> Save failed user login attempt! // If the number of permitted failed logins in a row gets exceeded then also lock the user account! SaveFailedLogin(AUserID, UserDR, AClientComputerName, AClientIPAddress, ATransaction); if (UserDR.AccountLocked && (Convert.ToBoolean(UserDR[SUserTable.GetAccountLockedDBName(), DataRowVersion.Original]) != UserDR.AccountLocked)) { // User Account just got locked! throw new EUserAccountGotLockedException(StrInvalidUserIDPassword); } else { throw new EPasswordWrongException(AuthAssemblyErrorMessage); } } } // // (2) Check if the User Account is Locked or if the user is 'Retired'. If either is true then deny the login!!! // // IMPORTANT: We perform these checks only AFTER the check for the correctness of the password so that every // log-in attempt that gets rejected on grounds of a wrong password takes the same amount of time (to help prevent // an attack vector called 'timing attack') if (UserDR.AccountLocked || UserDR.Retired) { if ((AUserID == "SYSADMIN") && TSession.HasVariable("ServerAdminToken")) { // this is ok. we need to be able to activate the sysadmin account on SetInitialSysadminEmail } else if (UserDR.AccountLocked) { // Logging TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_LOCKED_USER, Catalog.GetString("User attempted to log in, but the user account was locked! ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); // Only now throw the Exception! throw new EUserAccountLockedException(StrInvalidUserIDPassword); } else { // Logging TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_FOR_RETIRED_USER, Catalog.GetString("User attempted to log in, but the user is retired! ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); // Only now throw the Exception! throw new EUserRetiredException(StrInvalidUserIDPassword); } } // // (3) Check SystemLoginStatus (whether the general use of the OpenPetra application is enabled/disabled) in the // SystemStatus table (this table always holds only a single record) // SSystemStatusTable SystemStatusDT; SystemStatusDT = SSystemStatusAccess.LoadAll(ATransaction); if (SystemStatusDT[0].SystemLoginStatus) { ASystemEnabled = true; } else { ASystemEnabled = false; // TODO: Check for Security Group membership might need reviewal when security model of OpenPetra might get reviewed... if (PetraPrincipal.IsInGroup("SYSADMIN")) { PetraPrincipal.LoginMessage = String.Format(StrSystemDisabled1, SystemStatusDT[0].SystemDisabledReason) + Environment.NewLine + Environment.NewLine + StrSystemDisabled2Admin; } else { TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_WHEN_SYSTEM_WAS_DISABLED, Catalog.GetString("User wanted to log in, but the System was disabled. ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); TLoginLog.RecordUserLogout(AUserID, AProcessID, ATransaction); throw new ESystemDisabledException(String.Format(StrSystemDisabled1, SystemStatusDT[0].SystemDisabledReason) + Environment.NewLine + Environment.NewLine + String.Format(StrSystemDisabled2, StringHelper.DateToLocalizedString(SystemStatusDT[0].SystemAvailableDate.Value), SystemStatusDT[0].SystemAvailableDate.Value.AddSeconds(SystemStatusDT[0].SystemAvailableTime).ToShortTimeString())); } } // // (3b) Check if the license is valid // string LicenseCheckUrl = TAppSettingsManager.GetValue("LicenseCheck.Url", String.Empty, false); string LicenseUser = TAppSettingsManager.GetValue("Server.DBName"); if ((AUserID == "SYSADMIN") && TSession.HasVariable("ServerAdminToken")) { // don't check for the license, since this is called when upgrading the server as well. LicenseCheckUrl = String.Empty; } if ((LicenseCheckUrl != String.Empty) && (LicenseUser != "openpetra")) { string url = LicenseCheckUrl + LicenseUser; string result = THTTPUtils.ReadWebsite(url); bool valid = result.Contains("\"valid\":true"); bool gratis = result.Contains("\"gratis\":true"); if (!valid && !gratis) { TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_ATTEMPT_WHEN_SYSTEM_WAS_DISABLED, Catalog.GetString("User wanted to log in, but the license is expired. ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); TLoginLog.RecordUserLogout(AUserID, AProcessID, ATransaction); throw new ELicenseExpiredException("LICENSE_EXPIRED"); } } // // (4) Save successful login! // LoginDateTime = DateTime.Now; UserDR.LastLoginDate = LoginDateTime; UserDR.LastLoginTime = Conversions.DateTimeToInt32Time(LoginDateTime); UserDR.FailedLogins = 0; // this needs resetting! // Upgrade the user's password hashing scheme if it is older than the current password hashing scheme if (APassword != String.Empty && UserDR.PwdSchemeVersion < TPasswordHelper.CurrentPasswordSchemeNumber) { TMaintenanceWebConnector.SetNewPasswordHashAndSaltForUser(UserDR, APassword, AClientComputerName, AClientIPAddress, ATransaction); } SaveUser(AUserID, (SUserTable)UserDR.Table, ATransaction); // TODO: Check for Security Group membership might need reviewal when security model of OpenPetra might get reviewed... if (PetraPrincipal.IsInGroup("SYSADMIN")) { TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_SUCCESSFUL_SYSADMIN, Catalog.GetString("User login - SYSADMIN privileges. ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); } else { TLoginLog.AddLoginLogEntry(AUserID, TLoginLog.LOGIN_STATUS_TYPE_LOGIN_SUCCESSFUL, Catalog.GetString("User login. ") + String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress), out AProcessID, ATransaction); } PetraPrincipal.ProcessID = AProcessID; AProcessID = 0; // // (5) Check if a password change is requested for this user // if (UserDR.PasswordNeedsChange) { // The user needs to change their password before they can use OpenPetra PetraPrincipal.LoginMessage = SharedConstants.LOGINMUSTCHANGEPASSWORD; } return(true); }