private string Login(string catalog, int officeId, string userName, string password, string culture,
bool rememberMe, string challenge, HttpContext context)
{
try
{
long globalLoginId = Data.Office.User.SignIn(catalog, officeId, userName, password, culture, rememberMe,
challenge, context);
Log.Information("{UserName} signed in to office : #{OfficeId} from {IP}.", userName, officeId,
context.Request.ServerVariables["REMOTE_ADDR"]);
if (globalLoginId > 0)
{
MixERPWebpage.SetAuthenticationTicket(HttpContext.Current.Response, globalLoginId, rememberMe);
AppUsers.SetCurrentLogin(globalLoginId);
return("OK");
}
this.LogInvalidSignIn();
return(Warnings.UserIdOrPasswordIncorrect);
}
catch (MixERPException ex)
{
Log.Warning("{UserName} could not sign in to office : #{OfficeId} from {IP}.", userName, officeId,
context.Request.ServerVariables["REMOTE_ADDR"]);
this.LogInvalidSignIn();
return(ex.Message);
}
}
protected void Page_Load(object sender, EventArgs e)
{
this.CheckDbConnectivity();
PageUtility.CheckInvalidAttempts(this.Page);
this.BindCompanies();
this.BindBranches();
if (this.branchSelect.Items.Count.Equals(0))
{
this.Response.Redirect("~/Installation/Default.aspx");
}
if (!this.IsPostBack)
{
if (this.User.Identity.IsAuthenticated)
{
long globalLoginId = Conversion.TryCastLong(this.User.Identity.Name);
if (globalLoginId > 0)
{
AppUsers.SetCurrentLogin();
this.RedirectToDashboard();
}
}
}
}
protected override void OnInit(EventArgs e)
{
if (!this.IsPostBack)
{
if (this.Request.IsAuthenticated)
{
if (AppUsers.GetCurrentLogin().View.LoginId.ToLong().Equals(0))
{
AppUsers.SetCurrentLogin();
if (AppUsers.GetCurrentLogin().View.LoginId.ToLong().Equals(0))
{
this.RequestLoginPage();
}
}
}
else
{
if (!this.SkipLoginCheck)
{
this.RequestLoginPage();
}
}
}
this.CheckForceLogOffFlags();
base.OnInit(e);
}
public DashboardController()
{
AppUsers.SetCurrentLogin();
ViewBag.ViewPath = GetViewPath();
ViewBag.LayoutPath = GetLayoutPath();
ViewBag.LayoutFile = LayoutFile;
}
protected override void Initialize(RequestContext context)
{
string clientToken = context.HttpContext.Request.GetClientToken();
var provider = new Provider(DbConvention.GetTenant());
var token = provider.GetToken(clientToken);
string tenant = DbConvention.GetTenant();
if (token != null)
{
bool isValid = AccessTokens.IsValid(token.ClientToken, context.HttpContext.GetClientIpAddress(),
context.HttpContext.GetUserAgent());
if (isValid)
{
AppUsers.SetCurrentLogin(tenant, token.LoginId);
var loginView = AppUsers.GetCurrent(tenant, token.LoginId);
this.MetaUser = new MetaUser
{
Tenant = tenant,
ClientToken = token.ClientToken,
LoginId = token.LoginId,
UserId = token.UserId,
OfficeId = token.OfficeId
};
var identity = new ClaimsIdentity(token.Claims, DefaultAuthenticationTypes.ApplicationCookie,
ClaimTypes.NameIdentifier, ClaimTypes.Role);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier,
token.LoginId.ToString(CultureInfo.InvariantCulture)));
if (loginView.RoleName != null)
{
identity.AddClaim(new Claim(ClaimTypes.Role, loginView.RoleName));
}
if (loginView.Email != null)
{
identity.AddClaim(new Claim(ClaimTypes.Email, loginView.Email));
}
context.HttpContext.User = new ClaimsPrincipal(identity);
}
}
base.Initialize(context);
}
protected override void Initialize(HttpControllerContext context)
{
string database = DbConvention.GetTenant();
string clientToken = context.Request.GetBearerToken();
var provider = new Provider(database);
var token = provider.GetToken(clientToken);
if (token != null)
{
AppUsers.SetCurrentLogin(database, token.LoginId);
var loginView = AppUsers.GetCurrent(database, token.LoginId);
this.MetaUser = new MetaUser
{
Tenant = database,
ClientToken = token.ClientToken,
LoginId = token.LoginId,
UserId = loginView.UserId.To <int>(),
OfficeId = loginView.OfficeId.To <int>()
};
var identity = new ClaimsIdentity(token.Claims);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, token.LoginId.ToString(CultureInfo.InvariantCulture)));
if (loginView.RoleName != null)
{
identity.AddClaim(new Claim(ClaimTypes.Role, loginView.RoleName));
}
if (loginView.Email != null)
{
identity.AddClaim(new Claim(ClaimTypes.Email, loginView.Email));
}
context.RequestContext.Principal = new ClaimsPrincipal(identity);
}
base.Initialize(context);
}
public override bool AuthorizeHubConnection(HubDescriptor descriptor, IRequest request)
{
string clientToken = request.GetClientToken();
var provider = new Provider(DbConvention.GetTenant());
var token = provider.GetToken(clientToken);
string tenant = DbConvention.GetTenant();
if (token != null)
{
bool isValid = AccessTokens.IsValid(token.ClientToken, request.GetClientIpAddress(),
request.Headers["user-agent"]);
if (isValid)
{
AppUsers.SetCurrentLogin(tenant, token.LoginId);
var loginView = AppUsers.GetCurrent(tenant, token.LoginId);
var identity = new ClaimsIdentity(token.Claims, DefaultAuthenticationTypes.ApplicationCookie,
ClaimTypes.NameIdentifier, ClaimTypes.Role);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier,
token.LoginId.ToString(CultureInfo.InvariantCulture)));
if (loginView.RoleName != null)
{
identity.AddClaim(new Claim(ClaimTypes.Role, loginView.RoleName));
}
if (loginView.Email != null)
{
identity.AddClaim(new Claim(ClaimTypes.Email, loginView.Email));
}
request.Environment["server.User"] = new ClaimsPrincipal(identity);
return(true);
}
}
return(false);
}
public static MetaUser GetUser(HubCallerContext context)
{
var token = GetToken(context);
if (token != null)
{
string tenant = DbConvention.GetTenant();
AppUsers.SetCurrentLogin(tenant, token.LoginId);
var loginView = AppUsers.GetCurrent(tenant, token.LoginId);
return(new MetaUser
{
Tenant = tenant,
ClientToken = token.ClientToken,
LoginId = token.LoginId,
UserId = loginView.UserId,
OfficeId = loginView.OfficeId
});
}
return(null);
}