bool IsMaxAgeExceeded(
AuthorizationResponse response, UserTData data)
{
if (response.MaxAge <= 0)
{
// Don't have to care about the maximum
// authentication age.
return(false);
}
// Calculate the number of seconds that have elapsed
// since the last login.
long age =
TimeUtility.CurrentTimeSeconds()
- data.GetUserAuthenticatedAt();
if (age <= response.MaxAge)
{
// The max age is not exceeded yet.
return(false);
}
// The max age has been exceeded.
return(true);
}
void AuthenticateUserIfNecessary(UserTData data)
{
// If user information is already stored in TempData.
if (data.HasUserEntity())
{
// Already logged in. No need to authenticate the
// user here again.
return;
}
// Values input to the form in the authorization page.
string loginId = Request.Form["loginId"];
string password = Request.Form["password"];
// Search the user database for the user.
UserEntity entity =
UserDao.GetByCredentials(loginId, password);
// If the user was found.
if (entity != null)
{
// The user was authenticated successfully.
data.SetUserEntity(entity);
data.SetUserAuthenticatedAt(
TimeUtility.CurrentTimeSeconds());
}
}
