/// <summary>
/// Decides whether a login attempt may proceed, based on the login's flags, its suspension
/// window and the trusted device (if any) presented with the attempt.
/// </summary>
/// <param name="login">Login record whose Flags and SuspendedUntil values are inspected.</param>
/// <param name="device">Trusted device presented with the attempt, or null; passed on to CheckNeedMultifactor.</param>
/// <returns>AccountInactive, AccountSuspended, Failed, PendingMultifactor or Success.</returns>
private LoginAttemptStatus CheckCanLoginImpl(ILogin login, ITrustedDevice device = null)
{
    // Inactive accounts are rejected first.
    // NOTE(review): unlike the suspension branch, this status is returned without consulting
    // DoNotConcealMembership - confirm the caller does not surface it to unauthenticated clients.
    if (login.Flags.IsSet(LoginFlags.Inactive))
    {
        return LoginAttemptStatus.AccountInactive;
    }

    // A suspension counts only while SuspendedUntil is set and still in the future.
    // NOTE(review): a Suspended flag with a null SuspendedUntil falls through and is not
    // treated as suspended here - confirm that open-ended suspensions are handled elsewhere.
    bool suspendedNow = login.Flags.IsSet(LoginFlags.Suspended)
        && login.SuspendedUntil != null
        && login.SuspendedUntil > App.TimeService.UtcNow;
    if (suspendedNow)
    {
        // The suspension is disclosed only when DoNotConcealMembership is set; otherwise the
        // attempt gets the generic Failed status, so the response does not reveal the account.
        if (login.Flags.IsSet(LoginFlags.DoNotConcealMembership))
        {
            return LoginAttemptStatus.AccountSuspended;
        }

        return LoginAttemptStatus.Failed;
    }

    if (login.Flags.IsSet(LoginFlags.OneTimePassword))
    {
        // A one-time password that was already used fails; an unused one succeeds.
        // NOTE(review): this method does not set OneTimePasswordUsed itself, so the password
        // stays reusable unless the caller marks it as used - verify against the caller.
        // NOTE(review): this branch returns before the multi-factor check below, so a
        // one-time-password login is never reported as PendingMultifactor - confirm intended.
        return login.Flags.IsSet(LoginFlags.OneTimePasswordUsed)
            ? LoginAttemptStatus.Failed
            : LoginAttemptStatus.Success;
    }

    // Regular password login: ask for the second factor when CheckNeedMultifactor says so.
    return CheckNeedMultifactor(login, device)
        ? LoginAttemptStatus.PendingMultifactor
        : LoginAttemptStatus.Success;
}
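/// <summary>
/// Binds the user on the operation context to a user session: an existing anonymous session
/// is re-used, any other existing session is ended and replaced by a new one.
/// Does nothing when no session service is configured.
/// </summary>
/// <param name="context">Operation context carrying the user and the current session, if any.</param>
/// <param name="login">Login that was authenticated; not read by this method.</param>
/// <param name="device">Trusted device used for the login, or null; its LastLoggedIn is updated.</param>
/// <param name="expirationType">Expiration type passed to StartSession when a new session is created.</param>
private void AttachUserSession(OperationContext context, ILogin login, ITrustedDevice device = null,
                               UserSessionExpirationType expirationType = UserSessionExpirationType.Sliding)
{
    if (_sessionService == null)
    {
        return;
    }

    // Record the login time on the device. The device trust level was previously copied into
    // a local that nothing read; that dead local has been removed.
    if (device != null)
    {
        device.LastLoggedIn = App.TimeService.UtcNow;
    }

    var oldSession = context.UserSession;
    if (oldSession != null && oldSession.User != null)
    {
        if (oldSession.User.Kind == UserKind.Anonymous)
        {
            // The anonymous session is kept and handed to the logged-in user.
            // NOTE(review): the session and its token, issued before authentication, stay in use
            // after login. Confirm that UpdateSession issues a fresh token; otherwise a token
            // known before login remains valid for the authenticated session (session fixation).
            // NOTE(review): expirationType is not applied on this path - confirm intended.
            context.UserSession.User = context.User;
            _sessionService.UpdateSession(context);
            return;
        }

        // Any other kind (authenticated user, system): end the old session before starting a new one.
        _sessionService.EndSession(context);
    }

    // No reusable session: start a new one for the context user.
    context.UserSession = _sessionService.StartSession(context, context.User, expirationType);
}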
/// <summary>
/// Tells whether the login attempt must still complete a multi-factor step.
/// </summary>
/// <param name="login">Login whose RequireMultiFactor flag is checked.</param>
/// <param name="device">Trusted device presented with the attempt, or null.</param>
/// <returns>
/// False when the login does not require multi-factor, or when the device's trust level is
/// AllowSingleFactor; true otherwise.
/// </returns>
private bool CheckNeedMultifactor(ILogin login, ITrustedDevice device)
{
    if (login.Flags.IsSet(LoginFlags.RequireMultiFactor))
    {
        // Only a device explicitly trusted for single-factor login waives the second factor.
        // NOTE(review): the waiver relies entirely on the stored TrustLevel of the device passed
        // in; this method does not check that the device belongs to this login - verify the caller does.
        bool singleFactorAllowed = device != null && device.TrustLevel == DeviceTrustLevel.AllowSingleFactor;
        return !singleFactorAllowed;
    }

    return false;
}
/// <summary>
/// Decides whether a login attempt may proceed, and consumes a one-time password by setting
/// the OneTimePasswordUsed flag on the login when such a password is accepted.
/// </summary>
/// <param name="login">Login record whose Flags are inspected and, for one-time passwords, modified.</param>
/// <param name="device">Trusted device presented with the attempt, or null; passed on to CheckNeedMultifactor.</param>
/// <returns>AccountInactive, Failed, PendingMultifactor or Success.</returns>
private LoginAttemptStatus CheckCanLoginImpl(ILogin login, ITrustedDevice device = null)
{
    if (login.Flags.IsSet(LoginFlags.Inactive))
    {
        return LoginAttemptStatus.AccountInactive;
    }

    // Regular password: the only remaining question is whether a second factor is needed.
    if (!login.Flags.IsSet(LoginFlags.OneTimePassword))
    {
        return CheckNeedMultifactor(login, device)
            ? LoginAttemptStatus.PendingMultifactor
            : LoginAttemptStatus.Success;
    }

    // One-time password: a second use is rejected.
    // NOTE(review): this path never reaches the multi-factor check - confirm that a
    // one-time-password login is meant to skip RequireMultiFactor.
    if (login.Flags.IsSet(LoginFlags.OneTimePasswordUsed))
    {
        return LoginAttemptStatus.Failed;
    }

    // First use: mark the password as used so it cannot be replayed.
    // NOTE(review): the flag is only changed on the in-memory login here; persisting it, and
    // keeping two concurrent attempts from both passing the check above, is presumably the
    // caller's job - verify.
    login.Flags |= LoginFlags.OneTimePasswordUsed;
    return LoginAttemptStatus.Success;
}
/// <summary>
/// Registers a trusted device for the current login, or updates the trust level of an
/// existing one identified by its token, and saves the change.
/// </summary>
/// <param name="device">Device data supplied by the caller: optional Token, Type and requested TrustLevel.</param>
/// <returns>A new DeviceInfo with the token, trust level and type of the stored device.</returns>
private DeviceInfo RegisterOrUpdateDevice(DeviceInfo device)
{
    var currentLogin = GetCurrentLogin();
    var entitySession = EntityHelper.GetSession(currentLogin);

    // The lookup goes through the current login, so a token is only matched against that login's devices.
    ITrustedDevice stored = string.IsNullOrWhiteSpace(device.Token)
        ? null
        : currentLogin.GetDevice(device.Token);

    // NOTE(review): the trust level is taken from the caller-supplied DeviceInfo as is, both for
    // a new device and for an existing one. CheckNeedMultifactor waives the second factor for
    // AllowSingleFactor devices, so confirm this method is reachable only after the current
    // login has fully authenticated, including multi-factor where required.
    if (stored != null)
    {
        stored.TrustLevel = device.TrustLevel;
    }
    else
    {
        stored = _loginManager.RegisterTrustedDevice(currentLogin, device.Type, device.TrustLevel);
    }

    entitySession.SaveChanges();

    // Report back what was stored, including the token of a newly registered device.
    var result = new DeviceInfo();
    result.Token = stored.Token;
    result.TrustLevel = stored.TrustLevel;
    result.Type = stored.Type;
    return result;
}
/// <summary>
/// Tells whether the login attempt must still complete a multi-factor step.
/// </summary>
/// <param name="login">Login whose RequireMultiFactor flag is checked.</param>
/// <param name="device">Trusted device presented with the attempt, or null.</param>
/// <returns>
/// True when the login requires multi-factor and the device is missing or its trust level is
/// anything other than AllowSingleFactor; false otherwise.
/// </returns>
private bool CheckNeedMultifactor(ILogin login, ITrustedDevice device)
{
    // The second factor is waived only for a device whose trust level is AllowSingleFactor.
    // NOTE(review): this method does not verify that the device belongs to this login; the
    // caller is presumably expected to have resolved it from the login's own devices - verify.
    return login.Flags.IsSet(LoginFlags.RequireMultiFactor)
        && (device == null || device.TrustLevel != DeviceTrustLevel.AllowSingleFactor);
}
/// <summary>
/// Decides whether a login attempt may proceed, and consumes a one-time password by setting
/// the OneTimePasswordUsed flag on the login when such a password is accepted.
/// </summary>
/// <param name="login">Login record whose Flags are inspected and, for one-time passwords, modified.</param>
/// <param name="device">Trusted device presented with the attempt, or null; passed on to CheckNeedMultifactor.</param>
/// <returns>AccountInactive, Failed, PendingMultifactor or Success.</returns>
private LoginAttemptStatus CheckCanLoginImpl(ILogin login, ITrustedDevice device = null)
{
    LoginAttemptStatus status;

    if (login.Flags.IsSet(LoginFlags.Inactive))
    {
        status = LoginAttemptStatus.AccountInactive;
    }
    else if (login.Flags.IsSet(LoginFlags.OneTimePassword))
    {
        // NOTE(review): the one-time-password path never consults CheckNeedMultifactor -
        // confirm that such logins are meant to skip RequireMultiFactor.
        if (login.Flags.IsSet(LoginFlags.OneTimePasswordUsed))
        {
            // The password was consumed by an earlier attempt.
            status = LoginAttemptStatus.Failed;
        }
        else
        {
            // First use: set the flag so the same password is rejected next time.
            // NOTE(review): only the in-memory login is changed here; saving it, and keeping
            // concurrent attempts from both passing the check above, is presumably left to
            // the caller - verify.
            login.Flags |= LoginFlags.OneTimePasswordUsed;
            status = LoginAttemptStatus.Success;
        }
    }
    else if (CheckNeedMultifactor(login, device))
    {
        status = LoginAttemptStatus.PendingMultifactor;
    }
    else
    {
        status = LoginAttemptStatus.Success;
    }

    return status;
}
/// <summary>
/// Binds the user on the operation context to a user session: an existing session is re-used,
/// otherwise a new one is started. Does nothing when no session service is configured.
/// </summary>
/// <param name="context">Operation context carrying the user and the current session, if any.</param>
/// <param name="login">Login that was authenticated; not read by this method.</param>
/// <param name="device">Trusted device used for the login, or null; its LastLoggedIn is updated.</param>
private void AttachUserSession(OperationContext context, ILogin login, ITrustedDevice device = null)
{
    if (_sessionService == null)
    {
        return;
    }

    // Without a device the trust level stays None; with one, also record the login time on it.
    var deviceTrust = device == null ? DeviceTrustLevel.None : device.TrustLevel;
    if (device != null)
    {
        device.LastLoggedIn = App.TimeService.UtcNow;
    }

    if (context.UserSession != null)
    {
        // Any existing session is re-used, whichever user it belonged to before.
        // NOTE(review): the session and its token from before the login stay in use afterwards.
        // Confirm that UpdateSession issues a fresh token; otherwise a token known before login
        // remains valid for the authenticated session (session fixation).
        // NOTE(review): the device-based expiration below is not applied on this path - confirm intended.
        context.UserSession.User = context.User;
        _sessionService.UpdateSession(context);
        return;
    }

    // New session: only a device trusted as KeepLoggedIn gets an explicit expiration;
    // every other case passes null to StartSession.
    UserSessionExpiration expiration = deviceTrust == DeviceTrustLevel.KeepLoggedIn
        ? new UserSessionExpiration() { ExpirationType = UserSessionExpirationType.KeepLoggedIn }
        : null;
    context.UserSession = _sessionService.StartSession(context, context.User, expiration);
}