/// <summary>
/// Runs the processor.
/// </summary>
/// <param name="args">The arguments.½</param>
public void Process(LoggingInArgs args)
{
Assert.ArgumentNotNull(args, "args");
if (!string.IsNullOrEmpty(args.StartUrl))
{
this.ValidateStartUrl(args);
}
}
/// <summary>
/// Checks the on external URL.
/// </summary>
/// <param name="args">The arguments.</param>
/// <exception cref="T:Sitecore.Exceptions.SecurityException">Only local URLs are allowed.</exception>
private void CheckOnExternalUrl(LoggingInArgs args)
{
if (WebUtil.IsExternalUrl(args.StartUrl, HttpContext.Current.Request.Url.Host) && !IsAllowedBot(args.StartUrl))
{
args.AbortPipeline();
throw new SecurityException("Only local URLs are allowed.");
}
}
public void Process(LoggingInArgs args)
{
var data = new SubscriptionEventArgs()
{
Username = args.Username
};
Sitecore.Events.Event.RaiseEvent("westcosocket:subscribe", data);
}
public void Process(LoggingInArgs args)
{
Assert.ArgumentNotNull(args, "args");
if (!IsEnabled())
{
return;
}
MembershipUser user = GetMembershipUser(args);
if (HasPasswordExpired(user))
{
WebUtil.Redirect(ChangePasswordPageUrl);
}
}
/// <summary>
/// Determines whether [is valid start URL] [the specified user name].
/// </summary>
/// <param name="args">The arguments.</param>
/// <returns>
/// <c>true</c> if [is valid start URL] [the specified user name]; otherwise, <c>false</c>.
/// </returns>
protected virtual bool ValidateStartUrl(LoggingInArgs args)
{
Assert.ArgumentNotNull(args, "args");
this.CheckOnExternalUrl(args);
if (string.IsNullOrWhiteSpace(args.StartUrl))
{
return(true);
}
if (Uri.IsWellFormedUriString(args.StartUrl, UriKind.Absolute))
{
return(true);
}
string localPath = this.GetLocalPath(args.StartUrl);
if (string.IsNullOrWhiteSpace(localPath))
{
return(true);
}
if (ID.IsID(localPath))
{
if (this.CanAccessItem(Context.Database, args.Username, localPath))
{
return(true);
}
args.StartUrl = string.Empty;
return(false);
}
if (!this.ItemExist(Context.Database, localPath))
{
return(true);
}
if (this.CanAccessItem(Context.Database, args.Username, localPath))
{
return(true);
}
args.StartUrl = string.Empty;
return(false);
}
/// <summary>
/// </summary>
protected virtual bool LoggingIn()
{
if (string.IsNullOrWhiteSpace(this.UserName.Text))
{
return(false);
}
this.fullUserName = WebUtil.HandleFullUserName(this.UserName.Text);
this.startUrl = Controllers.BotAuthenticationController.GetTicketCallback(WebUtil.GetQueryString("ticket"));
this.FailureHolder.Visible = false;
this.SuccessHolder.Visible = false;
LoggingInArgs loggingInArg = new LoggingInArgs()
{
Username = this.fullUserName,
Password = this.Password.Text,
StartUrl = this.startUrl
};
Pipeline.Start("loggingin", loggingInArg);
if ((UIUtil.IsIE() ? true : UIUtil.IsIE11()) && !Regex.IsMatch(WebUtil.GetHostName(), Settings.HostNameValidationPattern, RegexOptions.ECMAScript))
{
this.RenderError(Translate.Text("Your login attempt was not successful because the URL hostname contains invalid character(s) that are not recognized by IE. Please check the URL hostname or try another browser."));
return(false);
}
if (loggingInArg.Success)
{
this.startUrl = loggingInArg.StartUrl;
return(true);
}
Log.Audit(string.Format("Login failed: {0}.", loggingInArg.Username), this);
if (!string.IsNullOrEmpty(loggingInArg.Message))
{
this.RenderError(Translate.Text(StringUtil.RemoveLineFeeds(loggingInArg.Message)));
}
return(false);
}
public void Process(LoggingInArgs args)
{
//Assert.ArgumentNotNull(args, "args");
MembershipUser usert = Membership.GetUser(args.Username);
int number = UserAttemp.AttemptedPasswordAttemptsRemaining(usert);
if (number == 1)
{
if (!usert.IsLockedOut)
{
ISendUserLockedOutEmail emailSender;
using (var scope = AutofacConfig.ServiceLocator.BeginLifetimeScope())
{
emailSender = scope.Resolve <ISendUserLockedOutEmail>();
}
emailSender.SendEmail(usert);
}
}
}
public new void Process(LoggingInArgs args)
{
Assert.ArgumentNotNull(args, "args");
bool flag = false;
NoAccessTo noAccessTo = NoAccessTo.Empty;
using (UserSwitcher userSwitcher = new UserSwitcher(args.Username, true))
{
switch (args.StartUrl)
{
case "/sitecore/shell/default.aspx":
{
Item item = Client.CoreDatabase.Items["/sitecore/content/Applications/Desktop"];
if (!Context.IsAdministrator && (item == null || !item.Access.CanRead()))
{
noAccessTo = NoAccessTo.Desktop;
flag = true;
}
break;
}
case "/sitecore/shell/applications/clientusesoswindows.aspx":
{
Item item1 = Client.CoreDatabase.Items["/sitecore/content/Applications/Content Editor"];
if (item1 == null || !item1.Access.CanRead())
{
noAccessTo = NoAccessTo.ContentEditor;
flag = true;
}
break;
}
case "/sitecore/shell/applications/webedit.aspx":
{
Item item2 = Client.CoreDatabase.Items["/sitecore/content/Applications/WebEdit"];
if (item2 == null || !item2.Access.CanRead())
{
noAccessTo = NoAccessTo.PageEditor;
flag = true;
}
break;
}
}
var membershipUser = Membership.GetUser(Sitecore.Context.User.Name, false);
if (IsPasswordExpiredEnabled() && membershipUser != null && HasPasswordExpired(membershipUser))
{
noAccessTo = NoAccessTo.PasswordExpired;
UserName = args.Username;
flag = true;
}
if (flag)
{
AuthenticationHelper authenticationHelper = new AuthenticationHelper(AuthenticationManager.Provider);
if (!string.IsNullOrEmpty(args.Username) && args.Password != null && authenticationHelper.ValidateUser(args.Username, args.Password))
{
args.Success = false;
args.AddMessage(GetErrorMessage(noAccessTo));
args.AbortPipeline();
}
}
}
}
private static MembershipUser GetMembershipUser(LoggingInArgs args)
{
Assert.ArgumentNotNull(args, "args");
Assert.ArgumentNotNullOrEmpty(args.Username, "args.Username");
return Membership.GetUser(args.Username, false);
}
