Example #1
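 /// <summary>
 /// Looks up a stored auth token by its secret/key pair and reports whether it is still valid.
 /// </summary>
 /// <remarks>
 /// Exactly one matching row must exist. It is accepted only when it has not expired and its stored
 /// key equals <c>EncodeKey(token.UserId, AuthTokenKeySalt_UserId)</c>; a row failing either check
 /// is deleted. On success the expiry is pushed forward to now + <c>AuthTokenLifeSpan_UserId</c>
 /// hours when that is later than the stored value (sliding expiration).
 /// NOTE(review): no absolute lifetime cap is visible in this method, so a token that keeps being
 /// presented never ages out here - confirm a cap is enforced elsewhere if one is required.
 /// Every failure, including an exception from the data layer, is reported as <c>false</c> with
 /// both out values set to 0 (fail closed); callers cannot tell "invalid token" from "lookup failed".
 /// </remarks>
 /// <param name="Secret">Value matched against the token table's Secret column.</param>
 /// <param name="Key">Value matched against the token table's Key column.</param>
 /// <param name="UserId">Owner of the token on success; 0 on any failure.</param>
 /// <param name="AuthTokenId">Id of the token row on success; 0 on any failure.</param>
 /// <returns><c>true</c> when the token was found, is valid, and was saved; otherwise <c>false</c>.</returns>
 static public bool ValidateAuthToken(string Secret, string Key, out Int64 UserId, out Int64 AuthTokenId)
 {
     UserId      = 0;
     AuthTokenId = 0;

     // Missing credentials can never identify a token. Rejecting them here avoids a database
     // round trip and avoids depending on how the query layer treats null/empty comparisons.
     if (string.IsNullOrEmpty(Secret) || string.IsNullOrEmpty(Key))
     {
         return(false);
     }

     try
     {
         Query qry = new Query(UserAuthToken.TableSchema).Where(UserAuthToken.Columns.Secret, Secret).AND(UserAuthToken.Columns.Key, Key);
         UserAuthTokenCollection coll = UserAuthTokenCollection.FetchByQuery(qry);

         // Zero rows means unknown token; more than one row is treated as invalid as well.
         if (coll.Count != 1)
         {
             return(false);
         }

         UserAuthToken token = coll[0];
         if (token.Expiry < DateTime.UtcNow || token.Key != EncodeKey(token.UserId, AuthTokenKeySalt_UserId))
         {
             // Expired, or the stored key no longer matches the value derived for this user:
             // remove the row so it cannot be presented again.
             UserAuthToken.Delete(token.UserAuthTokenId);
             return(false);
         }

         // Sliding expiration: only ever move the expiry forward, never shorten it.
         DateTime newExpiry = DateTime.UtcNow.AddHours(AuthTokenLifeSpan_UserId);
         if (newExpiry > token.Expiry)
         {
             token.Expiry = newExpiry;
         }
         token.Save();

         UserId      = token.UserId;
         AuthTokenId = token.UserAuthTokenId;
         return(true);
     }
     catch
     {
         // Deliberate fail-closed: any error is reported as "not valid".
         // NOTE(review): the exception is discarded without logging, so a data-layer outage is
         // indistinguishable from a run of bad tokens - consider recording it.
         UserId      = 0;
         AuthTokenId = 0;
         return(false);
     }
 }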
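 /// <summary>
 /// Reports whether the current request belongs to an authenticated user, restoring the login
 /// from the "auth-token" cookie when the session is not already marked as authenticated.
 /// </summary>
 /// <remarks>
 /// When the session flag is set, the result is the negation of <c>IsLockOrDelete()</c>.
 /// Otherwise the cookie is decrypted, split into two parts and checked with
 /// <c>AuthTokens.ValidateAuthToken</c>; if that and <c>Membership.UserLoggedInAction</c> both
 /// succeed, the session is populated and <c>true</c> is returned. A cookie that is present but
 /// cannot be used (malformed, rejected token, or failed login action) is expired on the response.
 /// NOTE(review): only decryption is visible here; confirm whether <c>TeaEncryptor.Decrypt</c>
 /// also verifies integrity. The server-side token lookup remains the actual authorization check.
 /// NOTE(review): the session is promoted to authenticated without any session-id rotation in
 /// this method - confirm rotation happens elsewhere if fixation is a concern.
 /// </remarks>
 /// <returns><c>true</c> when the request is authenticated; otherwise <c>false</c>.</returns>
 static public bool IsAuthenticated()
 {
     HttpContext context = HttpContext.Current;

     object authenticated = context.Session[@"Authenticated"];
     if (authenticated != null && (bool)authenticated)
     {
         return(!(IsLockOrDelete()));
     }

     HttpCookie cookie = context.Request.Cookies[@"auth-token"];
     if (cookie == null)
     {
         return(false);
     }

     // The cookie value is client-controlled. A null result is treated as "no usable token".
     // Assumes Decrypt signals failure by returning null - TODO confirm; an exception thrown by
     // it still propagates to the caller.
     string decrypted = TeaEncryptor.Decrypt(cookie.Value, RememberMeCookieEncryptionKey);
     string[] auth = (decrypted == null) ? new string[0] : decrypted.Split(':');

     Int64 UserId;
     Int64 AuthTokenId;
     if (auth.Length == 2 && AuthTokens.ValidateAuthToken(auth[0], auth[1], out UserId, out AuthTokenId))
     {
         Membership.UserAuthenticateResults results = Membership.UserLoggedInAction(UserId);
         if (results == Membership.UserAuthenticateResults.Success)
         {
             HttpContext.Current.Session[@"Authenticated"] = true;
             HttpContext.Current.Session[@"AuthTokenId"]   = AuthTokenId;
             HttpContext.Current.Session[@"UserId"]        = UserId;
             HttpContext.Current.Session[@"LangCode"]      = dg.Sql.Query.New <UserProfile>().Select(UserProfile.Columns.DefaultLangCode).Where(UserProfile.Columns.UserId, UserId).ExecuteScalar() as string;
             return(true);
         }

         // The token was valid but the login action refused the user: revoke it server-side.
         UserAuthToken.Delete(AuthTokenId);
     }

     // The cookie was present but unusable. Expire it instead of only blanking its value, so the
     // browser drops it and later requests do not repeat the decrypt/lookup work.
     // NOTE(review): removal only takes effect if path/domain match the cookie as originally
     // issued - confirm against the code that sets it.
     HttpCookie expired = new HttpCookie(@"auth-token", @"");
     expired.Expires = DateTime.UtcNow.AddDays(-1);
     context.Response.Cookies.Set(expired);
     return(false);
 }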