/// <summary>
/// Looks up the stored auth token that matches a secret/key pair and, when it is
/// still valid, slides its expiry forward and reports the owning user.
/// </summary>
/// <param name="Secret">Secret part of the token; matched against the Secret column.</param>
/// <param name="Key">Key part of the token; matched against the Key column.</param>
/// <param name="UserId">Receives the token's user id on success, otherwise 0.</param>
/// <param name="AuthTokenId">Receives the token's row id on success, otherwise 0.</param>
/// <returns>
/// true only when exactly one row matches, the row has not expired, and its stored
/// key equals EncodeKey(userId, salt); false in every other case, including any exception.
/// </returns>
static public bool ValidateAuthToken(string Secret, string Key, out Int64 UserId, out Int64 AuthTokenId)
{
    try
    {
        // NOTE(review): the caller-supplied Secret is compared directly with the stored
        // column, which suggests secrets are kept in recoverable form - confirm. Storing
        // only a hash would limit what a read of this table discloses.
        Query lookup = new Query(UserAuthToken.TableSchema)
            .Where(UserAuthToken.Columns.Secret, Secret)
            .AND(UserAuthToken.Columns.Key, Key);
        UserAuthTokenCollection matches = UserAuthTokenCollection.FetchByQuery(lookup);

        // Zero rows or more than one row: reject without touching the table.
        if (matches.Count != 1)
        {
            UserId = 0;
            AuthTokenId = 0;
            return false;
        }

        UserAuthToken stored = matches[0];

        // The key is re-derived from the row's own user id, so a row whose key does not
        // belong to its user is rejected. Short-circuit: EncodeKey only runs for rows
        // that have not expired.
        bool rejected = stored.Expiry < DateTime.UtcNow
            || stored.Key != EncodeKey(stored.UserId, AuthTokenKeySalt_UserId);

        if (rejected)
        {
            // Expired or inconsistent rows are removed so they cannot be presented again.
            UserAuthToken.Delete(stored.UserAuthTokenId);
            UserId = 0;
            AuthTokenId = 0;
            return false;
        }

        UserId = stored.UserId;
        AuthTokenId = stored.UserAuthTokenId;

        // Sliding expiry: only ever moves forward. No absolute maximum lifetime is
        // enforced in this method, so a token that keeps being used keeps being renewed.
        DateTime slidingExpiry = DateTime.UtcNow.AddHours(AuthTokenLifeSpan_UserId);
        if (slidingExpiry > stored.Expiry)
        {
            stored.Expiry = slidingExpiry;
        }

        stored.Save();
        return true;
    }
    catch
    {
        // Fail closed: any failure (query, delete, save) is reported as an invalid token.
        // NOTE(review): nothing is logged here, so a data-store outage is
        // indistinguishable from a bad token - consider recording the exception.
        UserId = 0;
        AuthTokenId = 0;
        return false;
    }
}
/// <summary>
/// Reports whether the current request is authenticated, either through the session
/// flag or by redeeming the "auth-token" remember-me cookie.
/// </summary>
/// <returns>
/// When the session is already flagged as authenticated: the negation of IsLockOrDelete().
/// Otherwise true only when the cookie decrypts to two ':'-separated parts, the token
/// validates, and Membership.UserLoggedInAction returns Success; false in all other cases.
/// </returns>
static public bool IsAuthenticated()
{
    object sessionFlag = HttpContext.Current.Session[@"Authenticated"];
    if (sessionFlag != null && (bool)sessionFlag)
    {
        return !IsLockOrDelete();
    }

    // Everything below this point is driven by a client-controlled cookie.
    HttpCookie cookie = HttpContext.Current.Request.Cookies[@"auth-token"];
    if (cookie == null)
    {
        return false;
    }

    // NOTE(review): Decrypt runs on the raw cookie value before any other check. How it
    // behaves on malformed input, and whether the ciphertext is integrity-protected, is
    // not visible here - confirm that a tampered cookie cannot raise out of this method.
    string[] auth = TeaEncryptor.Decrypt(cookie.Value, RememberMeCookieEncryptionKey).Split(':');
    if (auth.Length != 2)
    {
        // A cookie that does not split into secret:key is ignored and left in place.
        return false;
    }

    Int64 userId;
    Int64 tokenId;
    if (!AuthTokens.ValidateAuthToken(auth[0], auth[1], out userId, out tokenId))
    {
        // Overwrites the cookie with an empty value. No Expires, HttpOnly or Secure is
        // set on the replacement, so the browser keeps sending an empty auth-token.
        HttpContext.Current.Response.Cookies.Set(new HttpCookie(@"auth-token", @""));
        return false;
    }

    // NOTE(review): this path never calls IsLockOrDelete(); presumably
    // UserLoggedInAction rejects locked or deleted users - confirm.
    Membership.UserAuthenticateResults loginResult = Membership.UserLoggedInAction(userId);
    if (loginResult != Membership.UserAuthenticateResults.Success)
    {
        // The token was valid but the login was refused: revoke it and blank the cookie.
        UserAuthToken.Delete(tokenId);
        HttpContext.Current.Response.Cookies.Set(new HttpCookie(@"auth-token", @""));
        return false;
    }

    // NOTE(review): the existing session is promoted to authenticated here; no session
    // id rotation happens in this method - confirm it is handled elsewhere.
    HttpContext.Current.Session[@"Authenticated"] = true;
    HttpContext.Current.Session[@"AuthTokenId"] = tokenId;
    HttpContext.Current.Session[@"UserId"] = userId;
    HttpContext.Current.Session[@"LangCode"] = dg.Sql.Query.New<UserProfile>()
        .Select(UserProfile.Columns.DefaultLangCode)
        .Where(UserProfile.Columns.UserId, userId)
        .ExecuteScalar() as string;
    return true;
}