public string Login(string portalId, string userId, string password)
{
UserLoginStatus loginStatus = new UserLoginStatus();
UserInfo user = UserController.ValidateUser(Convert.ToInt32(portalId), userId, password,
"", "", "0.0.0.0", ref loginStatus);
if (user == null)
{
throw new Exception("Access Request Denied. Invalid UserId and Password");
}
Guid tokenId = Guid.NewGuid();
BBStoreSecurityToken token = new BBStoreSecurityToken()
{
UserId = user.UserID,
PortalId = Convert.ToInt32(portalId),
UserName = user.Username
};
DataCache.SetCache("BBStoreSecurityToken_" + tokenId.ToString(), token, new TimeSpan(0, 5, 0));
return(tokenId.ToString());
}
public object BeforeCall(string operationName, object[] inputs)
{
// token will always be the last parameter
int index = inputs.Length - 1;
string TokenId = inputs[index].ToString();
// first make sure token exists
BBStoreSecurityToken token = (BBStoreSecurityToken)DataCache.GetCache("BBStoreSecurityToken_" + TokenId);
if (token == null)
{
throw new Exception("Security Token Expired. Please request a new Token");
}
// if token exists, check user roles
UserInfo user = UserController.GetUserById(token.PortalId, token.UserId);
if (!user.IsInRole(Role))
{
throw new Exception("Access Denied. Role Membership Requirements not met.");
}
return(null);
}
