protected Connector.QueryResult AuthenByDB(string storeName, Connector.QueryParameter loginParameter)
{
Connector.IDatabaseConnector dbConnector = new Connector.DatabaseConnectorClass();
Connector.QueryResult loginResult = dbConnector.ExecuteStoredProcedure(storeName, loginParameter);
if (loginResult.Success)
{
if (loginResult.DataTable != null && loginResult.DataTable.Rows.Count > 0)
{
foreach (DataColumn dc in loginResult.DataTable.Columns)
{
Session["DVS_" + dc.ColumnName] = loginResult.DataTable.Rows[0][dc.ColumnName];
}
loginResult = GetSystemPermission(Session["DVS_USER_ID"].ToString());
Session.Remove("DVS_IS_GUEST");
}
else
{
throw new Exception(loginResult.Message);
}
}
else
{
throw new Exception(loginResult.Message);
}
return(loginResult);
}
protected Connector.QueryResult GetSystemPermission(string userid)
{
if (userid == "999999999")
{
return(GetPrivatePermission());
}
Connector.IDatabaseConnector dbConnector = new Connector.DatabaseConnectorClass();
Connector.QueryResult permissionResult = null;
permissionResult = dbConnector.ExecuteStoredProcedure("APP_Q_CONFIG", new Connector.QueryParameter(new Dictionary <string, object>()
{
{ "USER_ID", userid }
}));
Dictionary <string, object> session = new Dictionary <string, object>();
foreach (string sKey in Session.Keys)
{
if (!sKey.StartsWith("DVS_"))
{
continue;
}
session.Add(sKey.Replace("DVS_", ""), Session[sKey]);
}
permissionResult.AddOutputParam("session", session);
return(permissionResult);
}
public static void ApplicationLogout(HttpSessionState Session, HttpResponse Response = null)
{
Connector.IDatabaseConnector dbConnector = new Connector.DatabaseConnectorClass();
Connector.QueryParameter logoutParameter = new Connector.QueryParameter();
Connector.QueryResult logoutResult = new Connector.QueryResult();
if (Session != null && Session["DVS_USER_ID"] != null)
{
if (Session["AUTHEN_TOKEN"] != null)
{
AMSDuplicateAuthenCore.ClearToken(Session["DVS_USER_ID"].ToString(), Session["AUTHEN_TOKEN"].ToString());
}
logoutParameter.Add("USER_ID", Session["DVS_USER_ID"]);
logoutResult = dbConnector.ExecuteStoredProcedure("SYS_I_LOGOUT", logoutParameter);
logoutResult.Success = true;
logoutResult.Message = string.Empty;
logoutResult.RemoveOutputParam("error");
Session.Abandon();
}
if (Response != null)
{
HttpCookie authenTokenCookie = new HttpCookie("AUTHEN_TOKEN");
authenTokenCookie.Value = "";
Response.Cookies.Add(authenTokenCookie);
Response.ClearContent();
Response.ContentType = "application/json";
Response.Write(logoutResult.ToJson());
}
}
protected bool PageSelector(string request, out string wgNamespace, out Dictionary <string, object> wgParameters)
{
wgNamespace = string.Empty;
wgParameters = new Dictionary <string, object>();
switch (request)
{
case "portal":
wgNamespace = "viewer/Portal/Portal";
if (Session != null && Session["DVS_USER_ID"] != null)
{
if (!checkAuthentication())
{
return(false);
}
if (AMSCore.WebConfigReadKey("AUTHENTICATION_TYPE") == "1")
{
wgParameters = new Dictionary <string, object>()
{
{ "permission", GetSystemPermission(Session["DVS_USER_ID"].ToString()).ToDictionary() }
};
}
else if (AMSCore.WebConfigReadKey("AUTHENTICATION_TYPE") == "2")
{
wgParameters = new Dictionary <string, object>()
{
{ "permission", AuthenByAD(Session["DVS_USER_ID"].ToString()).ToDictionary() }
};
}
else if (AMSCore.WebConfigReadKey("AUTHENTICATION_TYPE") == "3")
{
}
}
else if (AMSCore.WebConfigReadKey("GUEST_ENABLED") != null && AMSCore.WebConfigReadKey("GUEST_ENABLED").Equals("1"))
{
Session["DVS_IS_GUEST"] = true;
Session["DVS_USER_ID"] = AMSCore.WebConfigReadKey("GUEST_USER_ID");
wgParameters = new Dictionary <string, object>()
{
{ "permission", GetSystemPermission(Session["DVS_USER_ID"].ToString()).ToDictionary() }
};
}
break;
case "logout":
{
ApplicationLogout(Session, Response);
if (Request.HttpMethod != "POST")
{
Response.Redirect("~/", true);
}
return(false);
}
case "system":
if (Request.HttpMethod == "POST")
{
Response.ClearContent();
Connector.QueryParameter reqParameter = new Connector.QueryParameter(Request);
if (reqParameter["SYS_ID"].Equals("-1"))
{
Session.Remove("DVS_SYSTEM_ID");
}
else
{
Session["DVS_SYSTEM_ID"] = reqParameter["SYS_ID"];
}
Response.ContentType = "application/json";
Response.Write(new Connector.QueryResult().ToJson());
return(false);
}
else if (!checkAuthentication())
{
return(false);
}
break;
case "forgetPassword":
{
wgNamespace = "viewer/ForgetPassword/ForgetPassword";
wgParameters = new Dictionary <string, object>()
{
{ "token", Request.Params["token"] },
{ "userid", Request.Params["userid"] },
{ "forgetByEmail", true }
};
break;
}
case "APP_Q_LOGIN":
{
Response.ClearContent();
ApplicationLogin("APP_Q_LOGIN");
return(false);
}
case "UM_Q_VERIFY_USER":
case "UM_U_PWD":
case "UM_U_RESET_PWD":
case "UM_Q_MAIL_TOKEN":
{
Response.ClearContent();
string storeName = request;
Connector.IDatabaseConnector dbConnector = new Connector.DatabaseConnectorClass();
Connector.QueryParameter reqParameter = new Connector.QueryParameter(Request);
Connector.QueryResult logoutResult = dbConnector.ExecuteStoredProcedure(storeName, reqParameter);
Response.ContentType = "application/json";
Response.Write(logoutResult.ToJson());
return(false);
}
default:
break;
}
return(true);
}
protected override void CreateChildControls()
{
base.CreateChildControls();
//assign HTML injection configuration.
List <string> webConfigToSetCookieList = new List <string>()
{
"PREVENT_HTML_INPUT",
"ENCODE_HTML",
"PREVENT_HTML_INPUT_CHAR_LIST"
};
foreach (string webConfigParam in webConfigToSetCookieList)
{
if (Response.Cookies[webConfigParam] == null)
{
HttpCookie cookie = new HttpCookie(webConfigParam);
cookie.Value = AMSCore.WebConfigReadKey(webConfigParam);
Response.Cookies.Add(cookie);
}
else
{
Response.Cookies[webConfigParam].Value = AMSCore.WebConfigReadKey(webConfigParam);
}
}
//assign authentication token for checking authentication.
if (Session["AUTHEN_TOKEN"] != null)
{
HttpCookie authenTokenCookie = new HttpCookie("AUTHEN_TOKEN");
authenTokenCookie.Value = Session["AUTHEN_TOKEN"].ToString();
Response.Cookies.Add(authenTokenCookie);
}
//assign CSRF token for checking form sending from across domain.
if (Session["CSRF_TOKEN"] != null)
{
HttpCookie authenTokenCookie = new HttpCookie("CSRF_TOKEN");
authenTokenCookie.Value = Session["CSRF_TOKEN"].ToString();
Response.Cookies.Add(authenTokenCookie);
}
Response.Cache.SetNoStore();
InsertMeta();
Connector.QueryParameter requestParameter = new Connector.QueryParameter(Request);
string cssDojoUrl = AMSCore.WebConfigReadKey("CSS_DOJO");
string cssEsriUrl = AMSCore.WebConfigReadKey("CSS_ESRI");
string jsAmosUrl = AMSCore.WebConfigReadKey("JS_AMOS_URL");
string cssAmosUrl = AMSCore.WebConfigReadKey("CSS_AMOS");
/// Insert Script Tags (reverse seq.)
/// last --> first
InsertScriptSrc(AMSCore.WebConfigReadKey("CONFIG_ESRI") + appCacheBust);
InsertScriptSrc(AMSCore.WebConfigReadKey("JS_API_URL") + appCacheBust);
InitializeDojoConfig(requestParameter);
if (jsAmosUrl.StartsWith("//"))
{
jsAmosUrl = "location.protocol + '" + jsAmosUrl + "'";
}
else
{
jsAmosUrl = "'" + jsAmosUrl + "'";
}
InsertScriptTag("dojoConfig.packages.push({'name': 'esrith', 'location': " + jsAmosUrl + "});");
InsertScriptSrc(AMSCore.WebConfigReadKey("CONFIG_DOJO") + appCacheBust);
/// Insert Style Tags (forward seq.)
/// first --> last
InsertStyleTag(
string.Format("@import '{0}';", cssDojoUrl + appCacheBust) + "\r\n" +
string.Format("@import '{0}';", cssEsriUrl + appCacheBust) + "\r\n" +
string.Format("@import '{0}';", cssAmosUrl + appCacheBust)
);
long timeDiff = 0;
double timezone = 0;
if (AMSCore.WebConfigReadKey("IS_DEBUG") == "0")
{
Connector.IDatabaseConnector dbConnector = new Connector.DatabaseConnectorClass();
Connector.QueryResult dbResult = null;
try
{
if (dbConnector.Provider == Connector.ProviderFactory.Oracle)
{
dbResult = dbConnector.ExecuteStatement("select sysdate as CURRENT_DATE, dbtimezone as TIMEOFFSET from dual");
}
else if (dbConnector.Provider == Connector.ProviderFactory.MSSQL)
{
dbResult = dbConnector.ExecuteStatement("select getdate() as CURRENT_DATE, datediff(minute, convert(time, sysutcdatetime()), convert(time, sysdatetimeoffset())) as TIMEOFFSET");
}
}
catch { }
if (dbResult.Success == true && dbResult.DataTable.Rows.Count > 0)
{
timeDiff = AMSCore.DateTimeToUnixTimeStamp((dbResult.DataTable.Rows[0]["CURRENT_DATE"] as DateTime?).Value);
string timeOffset = dbResult.DataTable.Rows[0]["TIMEOFFSET"].ToString();
if (timeOffset.StartsWith("+"))
{
timezone = double.Parse("-" + AMSCore.StringToDateTime(timeOffset.Substring(1), "HH:mm").TimeOfDay.TotalMinutes.ToString());
}
else if (timeOffset.StartsWith("-"))
{
timezone = double.Parse("+" + AMSCore.StringToDateTime(timeOffset.Substring(1), "HH:mm").TimeOfDay.TotalMinutes.ToString());
}
else
{
timezone = double.Parse(dbResult.DataTable.Rows[0]["TIMEOFFSET"].ToString());
}
}
else
{
TimeZone localZone = TimeZone.CurrentTimeZone;
DateTime currentDate = DateTime.Now;
TimeSpan currentOffset = localZone.GetUtcOffset(currentDate);
timeDiff = AMSCore.DateTimeToUnixTimeStamp(currentDate, -currentOffset.TotalMinutes);
timezone = currentOffset.TotalMinutes * -1;
}
}
else
{
TimeZone localZone = TimeZone.CurrentTimeZone;
DateTime currentDate = DateTime.Now;
TimeSpan currentOffset = localZone.GetUtcOffset(currentDate);
timeDiff = AMSCore.DateTimeToUnixTimeStamp(DateTime.Now, -currentOffset.TotalMinutes);
timezone = currentOffset.TotalMinutes * -1;
}
//Dictionary<string, object> sessionObject = new Dictionary<string, object>();
//Dictionary<string, object> sessionObject2 = null;
System.Web.Script.Serialization.JavaScriptSerializer serialization = new System.Web.Script.Serialization.JavaScriptSerializer();
StringBuilder txtScript = new StringBuilder();
txtScript.AppendLine("try{");
txtScript.AppendLine("Object.defineProperty(window,'appVersion',{value:'" + appVersion + "'});");
txtScript.AppendLine("Object.defineProperty(window,'appServer',{value:{}});");
txtScript.AppendLine("Object.defineProperty(appServer,'timeDiff',{value:" + timeDiff + " - new Date().getTime()});");
txtScript.AppendLine("Object.defineProperty(appServer,'timeZone',{value:" + timezone + "});");
txtScript.AppendLine("Object.defineProperty(appServer,'isDebug',{value:'" + AMSCore.WebConfigReadKey("IS_DEBUG") + "'});");
txtScript.AppendLine("Object.defineProperty(appServer,'isEncrypt',{value:'" + AMSCore.WebConfigReadKey("IS_ENCRYPT") + "'});");
txtScript.AppendLine("Object.defineProperty(appServer,'sessionId',{value:'" + Session.SessionID + "'});");
Dictionary <string, object> webConfigObject = new Dictionary <string, object>();
txtScript.AppendLine("Object.defineProperty(appServer,'webConfig',{value:{}});");
foreach (string keyConfig in AMSCore.WebConfigKeys())
{
webConfigObject.Add(keyConfig, AMSCore.WebConfigReadKey(keyConfig));
txtScript.AppendLine(string.Format(@"Object.defineProperty(appServer.webConfig,'{0}',{1});", keyConfig, serialization.Serialize(new Dictionary <string, object>()
{
{ "value", AMSCore.WebConfigReadKey(keyConfig) }
})));
}
txtScript.AppendLine("}catch(err){");
txtScript.AppendLine("window.appVersion = '" + appVersion + "'");
txtScript.AppendLine("window.appServer = {");
txtScript.AppendLine("'timeDiff':" + timeDiff + " - new Date().getTime(),");
txtScript.AppendLine("'timeZone':" + timezone + ",");
txtScript.AppendLine("'isDebug':'" + AMSCore.WebConfigReadKey("IS_DEBUG") + "',");
txtScript.AppendLine("'isEncrypt':'" + AMSCore.WebConfigReadKey("IS_ENCRYPT") + "',");
txtScript.AppendLine("'sessionId':'" + Session.SessionID + "',");
txtScript.AppendLine("'webConfig':" + serialization.Serialize(webConfigObject));
txtScript.AppendLine("};");
txtScript.AppendLine("}");
//string onCloseBrowserScript = @"
// window.onbeforeunload = function (event)
// {
// try
// {
// var request = new XMLHttpRequest();
// request.open('POST','{logoutURLPath}',false);
// request.setRequestHeader('content-type','application/x-www-form-urlencoded');
// request.timeout = 4000;
// request.send('');
// }
// catch(err)
// {
// }
// };
//";
//string logoutURLPath = HttpContext.Current.Request.Url.GetLeftPart(UriPartial.Authority) + ResolveUrl("~/?p=logout");
//onCloseBrowserScript = onCloseBrowserScript.Replace("{logoutURLPath}", logoutURLPath);
//txtScript.AppendLine(onCloseBrowserScript);
InsertScriptTag(txtScript.ToString());
}