public static string AuthenticateMeAndSetCookies(int tenantId, Guid userId, MessageAction action, bool session = false) { bool isSuccess = true; var cookies = string.Empty; Func <int> funcLoginEvent = () => { return(GetLoginEventId(action)); }; try { cookies = SecurityContext.AuthenticateMe(userId, funcLoginEvent); } catch (Exception) { isSuccess = false; throw; } finally { if (isSuccess) { SetCookies(CookiesType.AuthKey, cookies, session); DbLoginEventsManager.ResetCache(tenantId, userId); } } return(cookies); }
private static void OutsideAuth() { var action = MessageAction.LoginSuccess; Func <int> funcLoginEvent = () => { return(CookiesManager.GetLoginEventId(action)); }; var cookie = string.Empty; try { cookie = SecurityContext.AuthenticateMe(Constants.OutsideUser.ID, funcLoginEvent); } catch (Exception) { throw; } if (HttpContext.Current != null) { CookiesManager.SetCookies(CookiesType.AuthKey, cookie); DbLoginEventsManager.ResetCache(); } else { SecurityContext.AuthenticateMe(cookie); } }
public static void SetLifeTime(int lifeTime) { if (!CoreContext.UserManager.IsUserInGroup(SecurityContext.CurrentAccount.ID, Constants.GroupAdmin.ID)) { throw new SecurityException(); } var tenant = TenantProvider.CurrentTenantID; var settings = TenantCookieSettings.GetForTenant(tenant); if (lifeTime > 0) { settings.Index = settings.Index + 1; settings.LifeTime = lifeTime; } else { settings.LifeTime = 0; } TenantCookieSettings.SetForTenant(tenant, settings); if (lifeTime > 0) { DbLoginEventsManager.LogOutAllActiveConnectionsForTenant(tenant); } var userId = SecurityContext.CurrentAccount.ID; AuthenticateMeAndSetCookies(tenant, userId, MessageAction.LoginSuccess); }
public object GetAllActiveConnections() { var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID); var loginEvents = DbLoginEventsManager.GetLoginEvents(user.Tenant, user.ID); var listLoginEvents = loginEvents.ConvertAll(Convert); var loginEventId = GetLoginEventIdFromCookie(); if (loginEventId != 0) { var loginEvent = listLoginEvents.FirstOrDefault(x => x.Id == loginEventId); if (loginEvent != null) { listLoginEvents.Remove(loginEvent); listLoginEvents.Insert(0, loginEvent); } } else { if (listLoginEvents.Count == 0) { var request = HttpContext.Current.Request; var uaHeader = MessageSettings.GetUAHeader(request); var clientInfo = MessageSettings.GetClientInfo(uaHeader); var platformAndDevice = MessageSettings.GetPlatformAndDevice(clientInfo); var browser = MessageSettings.GetBrowser(clientInfo); var ip = MessageSettings.GetIP(request); var baseEvent = new CustomEvent { Id = 0, Platform = platformAndDevice, Browser = browser, Date = DateTime.Now, IP = ip }; listLoginEvents.Add(Convert(baseEvent)); } } var result = new { Items = listLoginEvents, LoginEvent = loginEventId }; return(result); }
public static void ResetUserCookie(Guid?userId = null) { var currentUserId = SecurityContext.CurrentAccount.ID; var tenant = TenantProvider.CurrentTenantID; var settings = TenantCookieSettings.GetForUser(userId ?? currentUserId); settings.Index = settings.Index + 1; TenantCookieSettings.SetForUser(userId ?? currentUserId, settings); DbLoginEventsManager.LogOutAllActiveConnections(tenant, userId ?? currentUserId); if (!userId.HasValue) { AuthenticateMeAndSetCookies(tenant, currentUserId, MessageAction.LoginSuccess); } }
public bool LogOutActiveConnection(int loginEventId) { try { var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID); var userName = user.DisplayUserName(false); DbLoginEventsManager.LogOutEvent(loginEventId); MessageService.Send(Request, MessageAction.UserLogoutActiveConnection, userName); return(true); } catch (Exception ex) { Log.Error(ex); return(false); } }
public string LogOutAllExceptThisConnection() { try { var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID); var userName = user.DisplayUserName(false); var loginEventFromCookie = GetLoginEventIdFromCookie(); DbLoginEventsManager.LogOutAllActiveConnectionsExceptThis(loginEventFromCookie, user.Tenant, user.ID); MessageService.Send(Request, MessageAction.UserLogoutActiveConnections, userName); return(userName); } catch (Exception ex) { Log.Error(ex); return(null); } }
public static void ResetTenantCookie() { var userId = SecurityContext.CurrentAccount.ID; if (!CoreContext.UserManager.IsUserInGroup(userId, Constants.GroupAdmin.ID)) { throw new SecurityException(); } var tenant = TenantProvider.CurrentTenantID; var settings = TenantCookieSettings.GetForTenant(tenant); settings.Index = settings.Index + 1; TenantCookieSettings.SetForTenant(tenant, settings); DbLoginEventsManager.LogOutAllActiveConnectionsForTenant(tenant); AuthenticateMeAndSetCookies(tenant, userId, MessageAction.LoginSuccess); }
public static void AuthenticateMeAndSetCookies(string login, string passwordHash, MessageAction action, bool session = false) { bool isSuccess = true; var cookies = string.Empty; Func <int> funcLoginEvent = () => { return(GetLoginEventId(action)); }; try { cookies = SecurityContext.AuthenticateMe(login, passwordHash, funcLoginEvent); } catch (Exception) { isSuccess = false; throw; } finally { if (isSuccess) { SetCookies(CookiesType.AuthKey, cookies, session); DbLoginEventsManager.ResetCache(); } } }
protected override void OnPreInit(EventArgs e) { base.OnPreInit(e); if (!SecurityContext.IsAuthenticated) { if (CoreContext.Configuration.Personal) { CheckSocialMedia(); SetLanguage(); } var token = Request["asc_auth_key"]; if (SecurityContext.AuthenticateMe(token)) { CookiesManager.SetCookies(CookiesType.AuthKey, token); var refererURL = Request["refererURL"]; if (string.IsNullOrEmpty(refererURL)) { refererURL = "~/Auth.aspx"; } Response.Redirect(refererURL, true); } return; } if (IsLogout) { var cookie = CookiesManager.GetCookies(CookiesType.AuthKey); int loginEventId = CookieStorage.GetLoginEventIdFromCookie(cookie); DbLoginEventsManager.LogOutEvent(loginEventId); var user = CoreContext.UserManager.GetUsers(SecurityContext.CurrentAccount.ID); var loginName = user.DisplayUserName(false); MessageService.Send(HttpContext.Current.Request, loginName, MessageAction.Logout); ProcessLogout(); if (!string.IsNullOrEmpty(user.SsoNameId)) { var settings = SsoSettingsV2.Load(); if (settings.EnableSso && !string.IsNullOrEmpty(settings.IdpSettings.SloUrl)) { var logoutSsoUserData = Signature.Create(new LogoutSsoUserData { NameId = user.SsoNameId, SessionId = user.SsoSessionId }); HttpContext.Current.Response.Redirect(SetupInfo.SsoSamlLogoutUrl + "?data=" + HttpUtility.UrlEncode(logoutSsoUserData), true); } } Response.Redirect("~/Auth.aspx", true); } else { Response.Redirect(CommonLinkUtility.GetDefault(), true); } }
public static bool AuthenticateMe(string cookie) { if (!string.IsNullOrEmpty(cookie)) { int tenant; Guid userid; int indexTenant; DateTime expire; int indexUser; int loginEventId; if (cookie.Equals("Bearer", StringComparison.InvariantCulture)) { var ipFrom = string.Empty; var address = string.Empty; if (HttpContext.Current != null) { var request = HttpContext.Current.Request; ipFrom = "from " + (request.Headers["X-Forwarded-For"] ?? request.UserHostAddress); address = "for " + request.GetUrlRewriter(); } log.InfoFormat("Empty Bearer cookie: {0} {1}", ipFrom, address); } else if (CookieStorage.DecryptCookie(cookie, out tenant, out userid, out indexTenant, out expire, out indexUser, out loginEventId)) { if (tenant != CoreContext.TenantManager.GetCurrentTenant().TenantId) { return(false); } var settingsTenant = TenantCookieSettings.GetForTenant(tenant); if (indexTenant != settingsTenant.Index) { return(false); } if (expire != DateTime.MaxValue && expire < DateTime.UtcNow) { return(false); } try { var settingsUser = TenantCookieSettings.GetForUser(userid); if (indexUser != settingsUser.Index) { return(false); } var settingLoginEvents = DbLoginEventsManager.GetLoginEventIds(tenant, userid); if (loginEventId != 0 && !settingLoginEvents.Contains(loginEventId)) { return(false); } CurrentAccount = new UserAccount(new UserInfo { ID = userid }, tenant); return(true); } catch (InvalidCredentialException ice) { log.DebugFormat("{0}: cookie {1}, tenant {2}, userid {3}", ice.Message, cookie, tenant, userid); } catch (SecurityException se) { log.DebugFormat("{0}: cookie {1}, tenant {2}, userid {3}", se.Message, cookie, tenant, userid); } catch (Exception err) { log.ErrorFormat("Authenticate error: cookie {0}, tenant {1}, userid {2}: {3}", cookie, tenant, userid, err); } } else { var ipFrom = string.Empty; var address = string.Empty; if (HttpContext.Current != null) { var request = HttpContext.Current.Request; address = "for " + request.GetUrlRewriter(); ipFrom = "from " + (request.Headers["X-Forwarded-For"] ?? request.UserHostAddress); } log.WarnFormat("Can not decrypt cookie: {0} {1} {2}", cookie, ipFrom, address); } } return(false); }