public BaseController() {
DBContext = new JolTudomEEntities();
CustomIdentity id = User.Identity as CustomIdentity;
if (id != null) {
SM = new SessionManager(id.Token);
}
}
private LoginResponse ValidateToken(string token) {
try {
SessionManager sm = new SessionManager(token);
_Token = token;
_UserName = sm.Session.Person.UserName;
return new LoginResponse {
PersonID = sm.Session.PersonID,
RoleID = sm.Session.RoleID
};
}
catch (SessionNotAvailable) {
throw;
}
}
public static SessionManager NewSession(int personid, int roleid) {
// generate a token
// this could be more secure ...
byte[] time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary());
byte[] key = Guid.NewGuid().ToByteArray();
string token = Convert.ToBase64String(time.Concat(key).ToArray());
using (JolTudomEEntities ent = new JolTudomEEntities()) {
// delete those sessions, which are dead - over of the given timeout
ent.usp_SessionsCleanup(JolTudomE_Api.Properties.Settings.Default.SessionTimeoutMinute);
// delete those tests, which are not completed
ent.usp_CleanupTests(JolTudomE_Api.Properties.Settings.Default.MaxTestExecutionHour);
// this must be saved to the database with the timestamp
ent.Sessions.Add(new Sessions { Token = token, PersonID = personid, RoleID = roleid, LastAction = DateTime.UtcNow });
ent.SaveChanges();
}
SessionManager sm = new SessionManager(token);
return sm;
}
