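/// <summary>
/// Builds the navigation model for the current user: fetches the navigation items through
/// <c>TwoLevelCache.GetLocalStoreOnly</c>, calls <c>SetActivePath()</c>, then refreshes the
/// current user's data through <c>DirtyObjects.FillUserData</c> on a best-effort basis.
/// </summary>
/// <remarks>
/// The cache key ends with <c>Authorization.UserId</c>, or "-1" when that is null, so each
/// user id gets its own cached item list. The entry is registered under
/// <c>UserPermissionRow.Fields.GenerationKey</c>.
/// NOTE(review): presumably a permission change bumps that generation key and drops the cached
/// items; confirm against TwoLevelCache. What <c>TimeSpan.Zero</c> means as the expiration
/// argument is not visible here.
/// </remarks>
public NavigationModel()
{
    var cacheKey = "LeftNavigationModel:NavigationItems:" + (Authorization.UserId ?? "-1");

    Items = TwoLevelCache.GetLocalStoreOnly(
        cacheKey,
        TimeSpan.Zero,
        UserPermissionRow.Fields.GenerationKey,
        () => NavigationHelper.GetNavigationItems(
            // Only app-relative URLs ("~/...") are rewritten; the ordinal comparison keeps the
            // prefix test independent of the current culture.
            x => x != null && x.StartsWith("~/", StringComparison.Ordinal)
                ? VirtualPathUtility.ToAbsolute(x)
                : x));

    SetActivePath();

    try
    {
        var user = Serenity.Authorization.UserDefinition;
        if (user != null)
        {
            DirtyObjects.FillUserData(user.Username);
        }
    }
    catch (Exception ex)
    {
        // Still best effort: a failure here must not break page rendering. It is traced
        // instead of silently dropped, so a broken user-data load leaves evidence behind.
        System.Diagnostics.Trace.TraceError("NavigationModel: FillUserData failed: {0}", ex);
    }
}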
// Checks a login attempt for a user record that already exists; returns true when the
// credentials are accepted. `username` (ref) is overwritten with user.Username first.
//
// NOTE(review): this listing has lost its line breaks, so each `//` comment below swallows the
// rest of its physical line; restore the line breaks before compiling. The `******` after
// "ValidateUser:" stands for missing text: the Throttler arguments, any check of the throttler,
// the definition of validatePassword and the start of the `user.Source == "site"` condition are
// not visible, so the lockout behaviour cannot be reviewed from this copy.
//
// Visible flow:
//  - SetSignal("Log in done by ...") runs before any credential check, so it also fires for
//    attempts that are rejected later (what SetSignal records is not shown; confirm it is not
//    read as a successful-login event).
//  - Users with IsActive != 1 are rejected. The rejection is written with Log.Error but only
//    when Log.IsInfoEnabled, so it is dropped whenever info-level logging is off.
//  - Source "site" or "sign", or directoryService == null: validatePassword() decides
//    (definition not visible). On success the throttler is reset and
//    DirtyObjects.FillUserData is called; any exception from it is swallowed by an empty catch
//    and the login still succeeds.
//  - Any remaining source other than "ldap" throws ArgumentOutOfRangeException("userSource").
//  - Source "ldap": when a password hash is stored and LastDirectoryUpdate is no more than one
//    hour old (compared with DateTime.Now, i.e. local time), validatePassword() decides and the
//    directory is not contacted. A password change or account disablement in the directory is
//    therefore not seen by this path until that hour has passed.
//  - Otherwise directoryService.Validate is called; a null entry rejects the login. If the call
//    throws and a password hash is stored, validatePassword() decides, and no limit on the age
//    of the stored hash is visible here. If no hash is stored the exception is rethrown.
//  - After a successful directory check, display name, password hash and salt, e-mail and
//    LastDirectoryUpdate are written back and UserRetrieveService.RemoveCachedUser is called.
//    A failure in that update is logged and the login is still accepted.
//  - "@yourdefaultdomain.com" looks like a template placeholder, used when neither the
//    directory entry nor the user row has an e-mail address; replace it before deployment.
private bool ValidateExistingUser(ref string username, string password, UserDefinition user) { username = user.Username; SetSignal("Log in done by " + username); if (user.IsActive != 1) { if (Log.IsInfoEnabled) { Log.Error(String.Format("Inactive user login attempt: {0}", username), this.GetType()); } return(false); } // prevent more than 50 invalid login attempts in 30 minutes var throttler = new Throttler("ValidateUser:"******"site" || user.Source == "sign" || directoryService == null) { if (validatePassword()) { throttler.Reset(); //Get all User try { DirtyObjects.FillUserData(username);// = db.Roles.where } catch (Exception ae) { } return(true); } return(false); } if (user.Source != "ldap") { throw new ArgumentOutOfRangeException("userSource"); } if (!string.IsNullOrEmpty(user.PasswordHash) && user.LastDirectoryUpdate != null && user.LastDirectoryUpdate.Value.AddHours(1) >= DateTime.Now) { if (validatePassword()) { throttler.Reset(); return(true); } return(false); } DirectoryEntry entry; try { entry = directoryService.Validate(username, password); if (entry == null) { return(false); } throttler.Reset(); } catch (Exception ex) { Log.Error("Error on directory access", ex, this.GetType()); // couldn't access directory. allow user to login with cached password if (!user.PasswordHash.IsTrimmedEmpty()) { if (validatePassword()) { throttler.Reset(); return(true); } return(false); } throw; } try { string salt = user.PasswordSalt.TrimToNull(); var hash = UserRepository.GenerateHash(password, ref salt); var displayName = entry.FirstName + " " + entry.LastName; var email = entry.Email.TrimToNull() ?? user.Email ?? 
(username + "@yourdefaultdomain.com"); using (var connection = SqlConnections.NewFor <UserRow>()) using (var uow = new UnitOfWork(connection)) { var fld = UserRow.Fields; new SqlUpdate(fld.TableName) .Set(fld.DisplayName, displayName) .Set(fld.PasswordHash, hash) .Set(fld.PasswordSalt, salt) .Set(fld.Email, email) .Set(fld.LastDirectoryUpdate, DateTime.Now) .WhereEqual(fld.UserId, user.UserId) .Execute(connection, ExpectedRows.One); uow.Commit(); UserRetrieveService.RemoveCachedUser(user.UserId, username); } return(true); } catch (Exception ex) { Log.Error("Error while updating directory user", ex, this.GetType()); return(true); } }