private CookieAuthenticationOptions SetupAppCookie(
// CookieAuthenticationOptions options,
CookieAuthenticationEvents cookieEvents,
cloudscribe.Core.Identity.SiteAuthCookieValidator siteValidator,
string scheme,
cloudscribe.Core.Models.SiteSettings tenant
)
{
var options = new CookieAuthenticationOptions();
options.AuthenticationScheme = $"{scheme}-{tenant.SiteFolderName}";
options.CookieName = $"{scheme}-{tenant.SiteFolderName}";
options.CookiePath = "/" + tenant.SiteFolderName;
var tenantPathBase = string.IsNullOrEmpty(tenant.SiteFolderName)
? PathString.Empty
: new PathString("/" + tenant.SiteFolderName);
options.LoginPath = tenantPathBase + "/account/login";
options.LogoutPath = tenantPathBase + "/account/logoff";
cookieEvents.OnValidatePrincipal = siteValidator.ValidatePrincipal;
options.Events = cookieEvents;
options.AutomaticAuthenticate = true;
options.AutomaticChallenge = true;
return(options);
}
private CookieAuthenticationOptions SetupAppCookie(
CookieAuthenticationEvents cookieEvents,
cloudscribe.Core.Identity.SiteAuthCookieValidator siteValidator,
string scheme,
bool useRelatedSitesMode,
cloudscribe.Core.Models.SiteSettings tenant
)
{
var options = new CookieAuthenticationOptions();
if (useRelatedSitesMode)
{
options.AuthenticationScheme = scheme;
options.CookieName = scheme;
options.CookiePath = "/";
}
else
{
options.AuthenticationScheme = $"{scheme}-{tenant.SiteFolderName}";
options.CookieName = $"{scheme}-{tenant.SiteFolderName}";
options.CookiePath = "/" + tenant.SiteFolderName;
cookieEvents.OnValidatePrincipal = siteValidator.ValidatePrincipal;
}
var tenantPathBase = string.IsNullOrEmpty(tenant.SiteFolderName)
? PathString.Empty
: new PathString("/" + tenant.SiteFolderName);
options.LoginPath = tenantPathBase + "/account/login";
options.LogoutPath = tenantPathBase + "/account/logoff";
options.AccessDeniedPath = tenantPathBase + "/account/accessdenied";
options.Events = cookieEvents;
options.AutomaticAuthenticate = true;
options.AutomaticChallenge = false;
options.CookieSecure = environment.IsDevelopment()
? CookieSecurePolicy.SameAsRequest
: CookieSecurePolicy.Always;
return(options);
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(
IApplicationBuilder app,
IHostingEnvironment env,
ILoggerFactory loggerFactory,
IOptions <cloudscribe.Core.Models.MultiTenantOptions> multiTenantOptionsAccessor,
IServiceProvider serviceProvider
)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseBrowserLink();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseStaticFiles();
app.UseSession();
app.UseMultitenancy <cloudscribe.Core.Models.SiteSettings>();
//app.UseTenantContainers<SiteSettings>();
var multiTenantOptions = multiTenantOptionsAccessor.Value;
app.UsePerTenant <cloudscribe.Core.Models.SiteSettings>((ctx, builder) =>
{
var tenant = ctx.Tenant;
var shouldUseFolder = !multiTenantOptions.UseRelatedSitesMode &&
multiTenantOptions.Mode == cloudscribe.Core.Models.MultiTenantMode.FolderName &&
tenant.SiteFolderName.Length > 0;
var externalCookieOptions = SetupOtherCookies(cloudscribe.Core.Identity.AuthenticationScheme.External, tenant);
builder.UseCookieAuthentication(externalCookieOptions);
var twoFactorRememberMeCookieOptions = SetupOtherCookies(cloudscribe.Core.Identity.AuthenticationScheme.TwoFactorRememberMe, tenant);
builder.UseCookieAuthentication(twoFactorRememberMeCookieOptions);
var twoFactorUserIdCookie = SetupOtherCookies(cloudscribe.Core.Identity.AuthenticationScheme.TwoFactorUserId, tenant);
builder.UseCookieAuthentication(twoFactorUserIdCookie);
var cookieEvents = new CookieAuthenticationEvents();
var logger = loggerFactory.CreateLogger <cloudscribe.Core.Identity.SiteAuthCookieValidator>();
var cookieValidator = new cloudscribe.Core.Identity.SiteAuthCookieValidator(logger);
var appCookieOptions = SetupAppCookie(
cookieEvents,
cookieValidator,
cloudscribe.Core.Identity.AuthenticationScheme.Application,
tenant
);
builder.UseCookieAuthentication(appCookieOptions);
// known issue here is if a site is updated to populate the
// social auth keys, it currently requires a restart so that the middleware gets registered
// in order for it to work or for the social auth buttons to appear
builder.UseSocialAuth(ctx.Tenant, externalCookieOptions, shouldUseFolder);
});
UseMvc(app, multiTenantOptions.Mode == cloudscribe.Core.Models.MultiTenantMode.FolderName);
var storage = Configuration["DevOptions:DbPlatform"];
switch (storage)
{
case "NoDb":
CoreNoDbStartup.InitializeDataAsync(app.ApplicationServices).Wait();
break;
case "ef":
default:
// this creates ensures the database is created and initial data
CoreEFStartup.InitializeDatabaseAsync(app.ApplicationServices).Wait();
// this one is only needed if using cloudscribe Logging with EF as the logging storage
//cloudscribe.Logging.EF.LoggingDbInitializer.InitializeDatabaseAsync(app.ApplicationServices).Wait();
break;
}
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
// you can add things to this method signature and they will be injected as long as they were registered during
// ConfigureServices
public void Configure(
IApplicationBuilder app,
IHostingEnvironment env,
ILoggerFactory loggerFactory,
IOptions<cloudscribe.Core.Models.MultiTenantOptions> multiTenantOptionsAccessor,
IServiceProvider serviceProvider,
IOptions<RequestLocalizationOptions> localizationOptionsAccessor
)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
var storage = Configuration["DevOptions:DbPlatform"];
if(storage != "NoDb")
{
ConfigureLogging(loggerFactory, serviceProvider);
}
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseBrowserLink();
}
//else
//{
// app.UseExceptionHandler("/Home/Error");
//}
app.UseStaticFiles();
// custom 404 and error page - this preserves the status code (ie 404)
app.UseStatusCodePagesWithReExecute("/Home/Error/{0}");
app.UseSession();
app.UseRequestLocalization(localizationOptionsAccessor.Value);
app.UseMultitenancy<cloudscribe.Core.Models.SiteSettings>();
//app.UseTenantContainers<SiteSettings>();
var multiTenantOptions = multiTenantOptionsAccessor.Value;
app.UsePerTenant<cloudscribe.Core.Models.SiteSettings>((ctx, builder) =>
{
var tenant = ctx.Tenant;
var shouldUseFolder = !multiTenantOptions.UseRelatedSitesMode
&& multiTenantOptions.Mode == cloudscribe.Core.Models.MultiTenantMode.FolderName
&& tenant.SiteFolderName.Length > 0;
var externalCookieOptions = SetupOtherCookies(
cloudscribe.Core.Identity.AuthenticationScheme.External,
multiTenantOptions.UseRelatedSitesMode,
tenant);
builder.UseCookieAuthentication(externalCookieOptions);
var twoFactorRememberMeCookieOptions = SetupOtherCookies(
cloudscribe.Core.Identity.AuthenticationScheme.TwoFactorRememberMe,
multiTenantOptions.UseRelatedSitesMode,
tenant);
builder.UseCookieAuthentication(twoFactorRememberMeCookieOptions);
var twoFactorUserIdCookie = SetupOtherCookies(
cloudscribe.Core.Identity.AuthenticationScheme.TwoFactorUserId,
multiTenantOptions.UseRelatedSitesMode,
tenant);
builder.UseCookieAuthentication(twoFactorUserIdCookie);
var cookieEvents = new CookieAuthenticationEvents();
var logger = loggerFactory.CreateLogger<cloudscribe.Core.Identity.SiteAuthCookieValidator>();
var cookieValidator = new cloudscribe.Core.Identity.SiteAuthCookieValidator(logger);
var appCookieOptions = SetupAppCookie(
cookieEvents,
cookieValidator,
cloudscribe.Core.Identity.AuthenticationScheme.Application,
multiTenantOptions.UseRelatedSitesMode,
tenant
);
builder.UseCookieAuthentication(appCookieOptions);
//builder.UseForwardedHeaders();
// known issue here is if a site is updated to populate the
// social auth keys, it currently requires a restart so that the middleware gets registered
// in order for it to work or for the social auth buttons to appear
builder.UseSocialAuth(ctx.Tenant, externalCookieOptions, shouldUseFolder);
});
UseMvc(app, multiTenantOptions.Mode == cloudscribe.Core.Models.MultiTenantMode.FolderName);
switch (storage)
{
case "NoDb":
CoreNoDbStartup.InitializeDataAsync(app.ApplicationServices).Wait();
break;
case "ef":
default:
// this creates ensures the database is created and initial data
CoreEFStartup.InitializeDatabaseAsync(app.ApplicationServices).Wait();
// this one is only needed if using cloudscribe Logging with EF as the logging storage
LoggingEFStartup.InitializeDatabaseAsync(app.ApplicationServices).Wait();
break;
}
}
