Exemple #1
        /// <summary>
        /// Handles the login control's LoggingIn event: qualifies a bare user name with a
        /// domain, notifies <c>OnUserLoggingIn</c> subscribers, then passes the attempt to
        /// <c>LoginExtender.OnLoggingIn</c>, which may cancel it or rewrite the user name.
        /// </summary>
        /// <param name="sender">Expected to be the <c>Login</c> control; for any other sender only the subscribers are notified.</param>
        /// <param name="e">Event arguments; <c>Cancel</c> is raised when the extender cancels the attempt.</param>
        protected void LoginControl_loggingIn(object sender, LoginCancelEventArgs e)
        {
            var loginControl = sender as Login;
            var hasLoginControl = loginControl != null;

            // A user name without a backslash has no domain part, so one is prepended.
            if (hasLoginControl && loginControl.UserName.IndexOf("\\") < 0)
            {
                // Precedence: this control's DefaultDomain, then the "DefaultDomain" app setting, then empty.
                var prefix = this.DefaultDomain;
                if (String.IsNullOrEmpty(prefix))
                {
                    prefix = System.Web.Configuration.WebConfigurationManager.AppSettings["DefaultDomain"];
                }

                if (prefix == null)
                {
                    prefix = string.Empty;
                }

                loginControl.UserName = prefix + "\\" + loginControl.UserName;
            }

            if (OnUserLoggingIn != null)
            {
                OnUserLoggingIn(sender, e);
            }

            if (!hasLoginControl)
            {
                return;
            }

            var attempt = new CancellableLoginInfo();
            attempt.UserName = loginControl.UserName;
            LoginExtender.OnLoggingIn(attempt);

            // The extender's veto is only ever added: a cancel already set by an
            // OnUserLoggingIn subscriber stays in force.
            if (attempt.Cancel)
            {
                e.Cancel = true;
            }

            // The extender may have rewritten the user name; the control continues with that value.
            loginControl.UserName = attempt.UserName;
            _message = attempt.Message;
        }
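        /// <summary>
        /// Signs the current user out, clears the session and redirects to a page on this site.
        /// </summary>
        /// <param name="back">
        /// Return URL taken from the request. It is untrusted input: only a site-relative path
        /// ("/..." or "~/...") is honoured, anything else falls back to "/".
        /// </param>
        /// <returns>A redirect to the validated return URL, or to "/" when it is missing or rejected.</returns>
        public ActionResult Logout(string back)
        {
            var info = new CancellableLoginInfo {
                UserName = SNCR.User.Current.Username
            };

            LoginExtender.OnLoggingOut(info);

            // NOTE(review): the forms-authentication sign-out runs even when an extender cancels;
            // info.Cancel only suppresses the audit entry and the OnLoggedOut notification below.
            // Confirm that this is intended.
            FormsAuthentication.SignOut();

            if (!info.Cancel)
            {
                // ClientAddress is the REMOTE_ADDR server variable, i.e. the directly connected peer.
                Logger.WriteAudit(AuditEvent.Logout, new Dictionary <string, object> {
                    { "UserName", SNCR.User.Current.Username }, { "ClientAddress", Request.ServerVariables["REMOTE_ADDR"] }
                });
                LoginExtender.OnLoggedOut(new LoginInfo {
                    UserName = SNCR.User.Current.Username
                });
            }

            // NOTE(review): Clear() removes the stored values but does not abandon the session;
            // confirm whether the session itself should be ended here.
            Session.Clear();

            var target = string.IsNullOrEmpty(back) ? "/" : HttpUtility.UrlDecode(back);

            // Open-redirect guard. The check runs on the decoded value, which is what gets sent.
            // Accepted: "/path" (but not "//host" or "/\host", which browsers resolve to another
            // host) and "~/path". Control characters are rejected as well, because a browser may
            // drop them while parsing and turn an accepted prefix into a rejected one.
            var isSiteRelative = !string.IsNullOrEmpty(target);
            if (isSiteRelative)
            {
                var isRooted = target[0] == '/'
                               && (target.Length == 1 || (target[1] != '/' && target[1] != '\\'));
                var isAppRelative = target.Length > 1 && target[0] == '~' && target[1] == '/';
                isSiteRelative = isRooted || isAppRelative;
            }

            for (var i = 0; isSiteRelative && i < target.Length; i++)
            {
                if (char.IsControl(target[i]))
                {
                    isSiteRelative = false;
                }
            }

            if (!isSiteRelative)
            {
                target = "/";
            }

            return this.Redirect(target);
        }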
Exemple #3
        /// <summary>
        /// LoggingIn handler of the login control. Adds a domain prefix to a user name that has
        /// none, raises <c>OnUserLoggingIn</c>, and then lets <c>LoginExtender.OnLoggingIn</c>
        /// cancel the attempt or replace the user name.
        /// </summary>
        /// <param name="sender">The <c>Login</c> control; when it is something else, only the event is raised.</param>
        /// <param name="e">Event arguments whose <c>Cancel</c> flag is raised if the extender cancels.</param>
        protected void LoginControl_loggingIn(object sender, LoginCancelEventArgs e)
        {
            var control = sender as Login;

            if (control != null)
            {
                var hasDomain = control.UserName.IndexOf("\\") != -1;
                if (!hasDomain)
                {
                    // Precedence: this control's DefaultDomain, then IdentityManagement.DefaultDomain, then empty.
                    var configured = string.IsNullOrEmpty(this.DefaultDomain)
                        ? IdentityManagement.DefaultDomain
                        : this.DefaultDomain;

                    control.UserName = string.Concat(configured ?? string.Empty, "\\", control.UserName);
                }
            }

            OnUserLoggingIn?.Invoke(sender, e);

            if (control == null)
            {
                return;
            }

            var attempt = new CancellableLoginInfo();
            attempt.UserName = control.UserName;
            LoginExtender.OnLoggingIn(attempt);

            // OR-ed in, so a cancel set by an OnUserLoggingIn subscriber is never cleared here.
            e.Cancel = e.Cancel | attempt.Cancel;

            // The control continues with whatever user name the extender left in place.
            control.UserName = attempt.UserName;
            _message = attempt.Message;
        }
Exemple #4
        /// <summary>
        /// Logs out the current user: removes the forms-authentication ticket, deletes the user's
        /// access tokens, writes a Logout audit entry, notifies the login extender and, when an
        /// HTTP context exists, abandons the session and expires the session cookie.
        /// Nothing happens if the extender cancels the logout.
        /// </summary>
        /// <param name="ultimateLogout">Whether this should be an ultimate logout. If set to True, the user will be logged out from all clients.
        /// In this method the flag (or <c>Configuration.Security.DefaultUltimateLogout</c>) causes the logout time to be stored on the user.</param>
        public static void Logout(bool ultimateLogout = false)
        {
            // Captured once so every later step refers to the same user.
            var currentUser = User.Current;

            var logoutInfo = new CancellableLoginInfo();
            logoutInfo.UserName = currentUser.Username;
            LoginExtender.OnLoggingOut(logoutInfo);

            // An extender veto stops the whole logout: no sign-out, no token removal, no audit entry.
            if (logoutInfo.Cancel)
            {
                return;
            }

            FormsAuthentication.SignOut();

            // Runs on every non-cancelled logout, independent of ultimateLogout.
            AccessTokenVault.DeleteTokensByUser(currentUser.Id);

            var auditProperties = new Dictionary<string, object>();
            auditProperties.Add("UserName", currentUser.Username);
            auditProperties.Add("ClientAddress", RepositoryTools.GetClientIpAddress());
            SnLog.WriteAudit(AuditEvent.Logout, auditProperties);

            var loggedOut = new LoginInfo();
            loggedOut.UserName = currentUser.Username;
            LoginExtender.OnLoggedOut(loggedOut);

            // Everything below needs a request; outside of one the logout is complete.
            var httpContext = HttpContext.Current;
            if (httpContext == null)
            {
                return;
            }

            httpContext.Session?.Abandon();

            // Overwrite the session cookie with an empty, already expired one so the browser drops it.
            var expiredCookie = new HttpCookie(GetSessionIdCookieName(), string.Empty);
            expiredCookie.Expires = DateTime.UtcNow.AddDays(-1);
            httpContext.Response.Cookies.Add(expiredCookie);

            var storeLogoutTime = ultimateLogout || Configuration.Security.DefaultUltimateLogout;
            if (!storeLogoutTime)
            {
                return;
            }

            // NOTE(review): SystemAccount presumably elevates the save below; confirm against its definition.
            using (new SystemAccount())
            {
                var userNode = currentUser as User;
                if (userNode != null)
                {
                    // The logout time is kept on the user content without creating a new version.
                    userNode.LastLoggedOut = DateTime.UtcNow;
                    userNode.Save(SavingMode.KeepVersion);
                }
            }
        }
Exemple #5
        //protected void Login_Authenticate(object sender, AuthenticateEventArgs e)
        //{
        //    e.Authenticated = true;
        //}

        /// <summary>
        /// LoggingOut handler of the login status control: asks <c>LoginExtender</c> whether the
        /// logout may proceed and copies its decision and message back.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event arguments; <c>Cancel</c> is set to the extender's decision.</param>
        protected void LoginStatus_LoggingOut(object sender, LoginCancelEventArgs e)
        {
            var logoutInfo = new CancellableLoginInfo();
            logoutInfo.UserName = User.Current.Username;

            LoginExtender.OnLoggingOut(logoutInfo);

            _message = logoutInfo.Message;

            // Plain assignment: whatever e.Cancel held before this handler is replaced.
            e.Cancel = logoutInfo.Cancel;
        }
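        /// <summary>
        /// Signs the current user out, clears the session and redirects to a page on this site.
        /// </summary>
        /// <param name="back">
        /// Return URL supplied with the request. It is untrusted: only "/..." and "~/..." paths
        /// are followed, every other value is replaced by "/".
        /// </param>
        /// <returns>A redirect to the validated return URL, or to "/" when it is missing or rejected.</returns>
        public ActionResult Logout(string back)
        {
            var info = new CancellableLoginInfo { UserName = SNCR.User.Current.Username };
            LoginExtender.OnLoggingOut(info);

            // NOTE(review): sign-out is unconditional; an extender's Cancel only skips the audit
            // entry and the OnLoggedOut notification. Confirm that this is intended.
            FormsAuthentication.SignOut();

            if (!info.Cancel)
            {
                // ClientAddress is the REMOTE_ADDR server variable, i.e. the directly connected peer.
                Logger.WriteAudit(AuditEvent.Logout, new Dictionary<string, object> { { "UserName", SNCR.User.Current.Username }, { "ClientAddress", Request.ServerVariables["REMOTE_ADDR"] } });
                LoginExtender.OnLoggedOut(new LoginInfo { UserName = SNCR.User.Current.Username });
            }

            // NOTE(review): Clear() removes the stored values but does not abandon the session;
            // confirm whether the session itself should be ended here.
            Session.Clear();

            var target = string.IsNullOrEmpty(back) ? "/" : HttpUtility.UrlDecode(back);

            // Open-redirect guard, applied to the decoded value because that is what is sent.
            // "//host" and "/\host" are refused since browsers resolve them to another host;
            // control characters are refused since a browser may drop them while parsing.
            var allowed = !string.IsNullOrEmpty(target)
                          && ((target[0] == '/' && (target.Length == 1 || (target[1] != '/' && target[1] != '\\')))
                              || (target.Length > 1 && target[0] == '~' && target[1] == '/'));

            for (var i = 0; allowed && i < target.Length; i++)
            {
                allowed = !char.IsControl(target[i]);
            }

            return this.Redirect(allowed ? target : "/");
        }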
        /// <summary>
        /// Logs out the current user: removes the forms-authentication ticket, writes a Logout
        /// audit entry, notifies the login extender and, when an HTTP context exists, abandons
        /// the session and expires the session cookie. Nothing happens if the extender cancels.
        /// </summary>
        public static void Logout()
        {
            var logoutInfo = new CancellableLoginInfo();
            logoutInfo.UserName = User.Current.Username;
            LoginExtender.OnLoggingOut(logoutInfo);

            // An extender veto stops the whole logout, including the audit entry.
            if (logoutInfo.Cancel)
            {
                return;
            }

            FormsAuthentication.SignOut();

            var auditProperties = new Dictionary<string, object>();
            auditProperties.Add("UserName", User.Current.Username);
            auditProperties.Add("ClientAddress", RepositoryTools.GetClientIpAddress());
            SnLog.WriteAudit(AuditEvent.Logout, auditProperties);

            var loggedOut = new LoginInfo();
            loggedOut.UserName = User.Current.Username;
            LoginExtender.OnLoggedOut(loggedOut);

            // The remaining steps need a request; outside of one the logout is complete.
            var httpContext = HttpContext.Current;
            if (httpContext == null)
            {
                return;
            }

            var session = httpContext.Session;
            if (session != null)
            {
                session.Abandon();
            }

            // Overwrite the session cookie with an empty, already expired one so the browser drops it.
            var expiredCookie = new HttpCookie(GetSessionIdCookieName(), string.Empty);
            expiredCookie.Expires = DateTime.UtcNow.AddDays(-1);
            httpContext.Response.Cookies.Add(expiredCookie);
        }
Exemple #8
        /// <summary>
        /// Validates the given credentials through <c>Membership.ValidateUser</c> and, on success,
        /// issues a persistent forms-authentication cookie for the domain-qualified user name.
        /// </summary>
        /// <param name="content">Not read by this method.</param>
        /// <param name="username">Login name, with or without a domain prefix. An empty value logs out the current user and is refused.</param>
        /// <param name="password">Password that is checked together with <paramref name="username"/>.</param>
        /// <returns>The content created from the user loaded by the qualified user name.</returns>
        /// <exception cref="OData.ODataException">
        /// Thrown with the Forbidden code when the user name is empty, the credentials are
        /// rejected, or a login extender cancels the login.
        /// </exception>
        public static object Login(Content content, string username, string password)
        {
            if (string.IsNullOrEmpty(username))
            {
                Logout();
                throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
            }

            // NOTE(review): rejected credentials produce no audit entry in this method; only a
            // successful login is audited below. Confirm whether failures are recorded elsewhere.
            if (!Membership.ValidateUser(username, password))
            {
                throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
            }

            // we need to work with the full username that contains the domain: SetAuthCookie expects that
            var hasDomain = username.Contains("\\");
            if (!hasDomain)
            {
                username = IdentityManagement.DefaultDomain + "\\" + username;
            }

            if (User.Current.IsAuthenticated)
            {
                var isSameUser = string.CompareOrdinal(User.Current.Username, username) == 0;
                if (!isSameUser)
                {
                    // logged in as a different user: we have to log out first
                    Logout();
                }
                else
                {
                    // The already signed-in user only gets a renewed cookie: the extender is not
                    // consulted and no audit entry is written on this path.
                    using (new SystemAccount())
                    {
                        FormsAuthentication.SetAuthCookie(username, true);
                        return Content.Create(User.Load(username) as User);
                    }
                }
            }

            var attempt = new CancellableLoginInfo();
            attempt.UserName = username;
            LoginExtender.OnLoggingIn(attempt);

            // An extender veto is reported to the caller exactly like rejected credentials.
            if (attempt.Cancel)
            {
                throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
            }

            var auditProperties = new Dictionary<string, object>();
            auditProperties.Add("UserName", username);
            auditProperties.Add("ClientAddress", RepositoryTools.GetClientIpAddress());
            SnLog.WriteAudit(AuditEvent.LoginSuccessful, auditProperties);

            var loggedIn = new LoginInfo();
            loggedIn.UserName = username;
            LoginExtender.OnLoggedIn(loggedIn);

            using (new SystemAccount())
            {
                // The second argument makes the cookie persistent across browser sessions.
                FormsAuthentication.SetAuthCookie(username, true);
                return Content.Create(User.Load(username) as User);
            }
        }
Exemple #9
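        /// <summary>
        /// Handles the login control's LoggingIn event: qualifies a bare user name with a
        /// domain, notifies <c>OnUserLoggingIn</c> subscribers, then passes the attempt to
        /// <c>LoginExtender.OnLoggingIn</c>, which may cancel it or rewrite the user name.
        /// </summary>
        /// <param name="sender">Expected to be the <c>Login</c> control; for any other sender only the subscribers are notified.</param>
        /// <param name="e">Event arguments; <c>Cancel</c> is raised when the extender cancels and is never lowered here.</param>
        protected void LoginControl_loggingIn(object sender, LoginCancelEventArgs e)
        {
            var login = sender as Login;

            // A user name without a backslash has no domain part, so one is prepended.
            if (login != null && login.UserName.IndexOf("\\") == -1)
            {
                // Precedence: this control's DefaultDomain, then the "DefaultDomain" app setting, then empty.
                var domain = (String.IsNullOrEmpty(this.DefaultDomain) ?
                    System.Web.Configuration.WebConfigurationManager.AppSettings["DefaultDomain"] :
                    this.DefaultDomain) ??
                    string.Empty;

                login.UserName = string.Concat(domain, "\\", login.UserName);
            }

            if (OnUserLoggingIn != null)
            {
                OnUserLoggingIn(sender, e);
            }

            if (login != null)
            {
                var info = new CancellableLoginInfo { UserName = login.UserName };
                LoginExtender.OnLoggingIn(info);

                // Fix: accumulate the veto instead of assigning it. A plain assignment reset
                // e.Cancel to false whenever the extender did not cancel, which discarded a
                // cancel already requested by an OnUserLoggingIn subscriber and let the login
                // continue.
                e.Cancel |= info.Cancel;

                // The extender may have rewritten the user name; the control continues with that value.
                login.UserName = info.UserName;
                _message = info.Message;
            }
        }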
Exemple #10
        //protected void Login_Authenticate(object sender, AuthenticateEventArgs e)
        //{
        //    e.Authenticated = true;
        //}

        /// <summary>
        /// Handles the login status control's LoggingOut event by letting <c>LoginExtender</c>
        /// decide whether the logout may continue.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event arguments; <c>Cancel</c> receives the extender's decision.</param>
        protected void LoginStatus_LoggingOut(object sender, LoginCancelEventArgs e)
        {
            var request = new CancellableLoginInfo();
            request.UserName = User.Current.Username;

            LoginExtender.OnLoggingOut(request);

            // Assigned, not OR-ed: the extender's answer replaces any earlier value of e.Cancel.
            var cancelled = request.Cancel;
            e.Cancel = cancelled;

            _message = request.Message;
        }