/// <summary>
/// Stores the authentication session in the ASP.NET Core session store, encrypted.
/// The model is encrypted with the configured key and the resulting ciphertext is
/// written as UTF-8 bytes under the configured session entry name.
/// </summary>
/// <param name="context">Request context whose <c>Session</c> receives the entry.</param>
/// <param name="sessionViewModel">Session data to protect and persist.</param>
public void Set(HttpContext context, AuthenticationSessionViewModel sessionViewModel)
        {
            // Encrypt first; only ciphertext ever reaches the session store.
            var ciphertext = _cryptographyService.Encrypt(sessionViewModel, _encryptionKey);

            context.Session.Set(_sessionName, Encoding.UTF8.GetBytes(ciphertext));
        }
        /// <summary>
        /// Signs a user in: delegates credential verification to the repository and, on
        /// success, establishes both the authentication cookie and the server-side session.
        /// </summary>
        /// <param name="model">Credentials plus the RememberMe choice that drives the lifetimes.</param>
        /// <returns>
        /// An <see cref="ApiResult{T}"/> mirroring the repository's Info/Message/MessageType;
        /// Data is <c>null</c> on failure and the repository's data on success.
        /// </returns>
        public async Task <ApiResult <SignInViewModel> > SignIn(SignInViewModel model)
        {
            var signInResult = await _userRepository.SignIn(model);
            var result       = new ApiResult <SignInViewModel>();

            // Single place that copies the repository outcome into the API result.
            void Populate(bool success, SignInViewModel data)
            {
                result.Success     = success;
                result.Data        = data;
                result.Info        = signInResult.Info;
                result.Message     = signInResult.Message;
                result.MessageType = signInResult.MessageType;
            }

            // NOTE(review): a result with Success == false but MessageType == Success is not
            // rejected here and reaches the signInResult.Data dereferences below — confirm the
            // repository never returns that combination.
            var rejected = !signInResult.Success && signInResult.MessageType != MessageType.Success;
            if (rejected)
            {
                Populate(success: false, data: null);
                return result;
            }

            // RememberMe trades a 1h/1d window for 30d/180d. The first value drives the
            // cookie's Expires, the second both Max-Age and the model's MaxAgeDateTime.
            var (expiresIn, maxAge) = model.RememberMe
                ? (TimeSpan.FromDays(30), TimeSpan.FromDays(180))
                : (TimeSpan.FromHours(1), TimeSpan.FromDays(1));

            // NOTE(review): the cookie carries the account password, i.e. a credential copy
            // held by the client; a server-issued opaque token would be the safer re-auth handle.
            // MaxAgeDateTime is local time (DateTime.Now); whatever compares it must use the same clock.
            var cookie = new AuthenticationCookieViewModel()
            {
                PhoneNumber    = signInResult.Data.PhoneNumber,
                UserId         = signInResult.Data.Id,
                Password       = signInResult.Data.Password,
                RememberMe     = model.RememberMe,
                MaxAgeDateTime = DateTime.Now + maxAge
            };
            var cookieOptions = new CookieOptions()
            {
                Expires = DateTimeOffset.Now + expiresIn,
                MaxAge  = maxAge,
            };
            _authenticationCookieService.Set(HttpContext, cookie, cookieOptions);

            // The server-side session holds identity only, never the credential.
            _authentcationSessionService.Set(HttpContext, new AuthenticationSessionViewModel()
            {
                UserId       = signInResult.Data.Id,
                UserFullName = signInResult.Data.Fullname
            });

            Populate(success: true, data: signInResult.Data);
            return result;
        }
        /// <summary>
        /// Authorization filter: decides whether the current request may reach the action.
        /// Order of checks: (1) a per-session "already checked" flag short-circuits everything;
        /// (2) the anonymous grant type passes; (3) the user session is validated, falling back to
        /// the authentication cookie (re-authenticating with the credentials it carries); (4) for
        /// grant types beyond LogedIn, the area/controller/action permission is checked for the user.
        /// Failures are reported as a redirect, or as 401/403/500 (a JSON body for Ajax requests).
        /// </summary>
        /// <param name="filterContext">
        /// The action-executing context; <c>Result</c> is assigned to short-circuit the action.
        /// </param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            // Fast path: a previous request in this session already passed the check.
            // NOTE(review): bool.Parse throws FormatException on any value other than
            // "True"/"False"; this runs outside the try below, so a corrupt flag surfaces
            // as an unhandled exception rather than a 500 from the catch.
            if (filterContext.HttpContext.Session.TryGetValue(_isAuthenticationChecked, out var boolBytes))
            {
                var boolString = Encoding.UTF8.GetString(boolBytes);

                if (bool.Parse(boolString))
                {
                    return;
                }
            }

            // 0 means "no identity established"; the catch below uses it to pick 401 vs 403.
            var userId = 0;

            try
            {
                // Anonymous endpoints need no session/cookie at all.
                if (_grantType == AuthorizeLevel.AllowAnanymos)
                {
                    return;
                }



                // Request path is echoed into the login redirect below. The LogIn action is not
                // visible here; it must accept only local paths for returnUrl to avoid an open redirect.
                var path = _httpContextAccessor.HttpContext.Request.Path.Value;

                var authSession = _authSessionService.Get(_httpContext);
                var authCookie  = _authCookieService.Get(_httpContext);

                // No usable session: fall back to the cookie, or send the user to log in.
                if (authSession == null || !_authorizeService.CheckUserSession(authSession))
                {
                    if (authCookie == null || !_authorizeService.CheckUserCookie(authCookie))
                    {
                        filterContext.Result = new RedirectResult("/Account/LogIn?returnUrl=" + path);
                        return;
                    }
                    else
                    {
                        // NOTE(review): the cookie carries the account password and it is replayed
                        // here to re-authenticate. That is a client-side credential copy; a
                        // server-issued opaque token checked against the user record would avoid it.
                        var phoneNumber = authCookie.PhoneNumber;
                        var password    = authCookie.Password;

                        var user = _authorizeService.GetUser(phoneNumber: phoneNumber, password);

                        if (user != null)
                        {
                            // Cookie re-auth succeeded: rebuild the server-side session from the user record.
                            var session = new AuthenticationSessionViewModel()
                            {
                                UserId       = user.Id,
                                UserFullName = user.Fullname
                            };

                            _authSessionService.Update(_httpContext, session);
                            // The re-read value is not used again in this method.
                            authSession = _authSessionService.Get(_httpContext);
                            userId      = user.Id;
                        }
                        else
                        {
                            // Cookie present but its credentials no longer match: treated as 401 below.
                            throw new UnauthorizedAccessException();
                            //filterContext.Result = new RedirectResult("/Account/Logout");
                            //return;
                        }
                    }
                }
                else if (authCookie == null) // both of User Session is NOT null but User Cookie is null
                {
                    // Session without cookie is treated as stale: drop it and require a fresh sign-in.
                    _authSessionService.Remove(_httpContext);

                    filterContext.Result = new RedirectToActionResult("SignIn", "User", new { area = "Account" });
                    return;
                }
                else // User Session and User Cookie isn't null
                {
                    // NOTE(review): the identity used for the permission check comes from the
                    // cookie here, not from the validated session — confirm the two cannot diverge.
                    userId = authCookie.UserId;
                }

                // Being signed in is all this grant type requires.
                if (_grantType == AuthorizeLevel.LogedIn)
                {
                    return;
                }

                // Area is optional: a missing "Full" data token (null.ToString() -> NRE) is
                // swallowed and the check proceeds with an empty area title.
                var areaTitle = string.Empty;

                try
                {
                    areaTitle = filterContext.RouteData.DataTokens["Full"].ToString();
                }
                catch (Exception e)
                {
                    // Do nothing: absence of the token is expected for routes outside an area.
                }

                // NOTE(review): unlike the area, a missing Controller/Action route value is not
                // guarded; the resulting NRE is caught by the generic catch below and reported as 500.
                var controllerTitle = filterContext.RouteData.Values["Controller"].ToString();
                var actionTitle     = filterContext.RouteData.Values["Action"].ToString();



                var hasAccess = _authorizeService.CheckUserPermision(areaTitle: areaTitle,
                                                                     controllerTitle: controllerTitle, actionTitle: actionTitle, userId: userId);

                // Authenticated but not permitted: reported as 403 (userId != 0) below.
                if (!hasAccess)
                {
                    throw new UnauthorizedAccessException();
                }

                // Sliding expiration on the cookie only after all checks passed.
                _authCookieService.AddExpireTime(_httpContext);
            }
            catch (UnauthorizedAccessException)
            {
                // userId == 0: no identity could be established (401); otherwise a known user
                // lacking permission (403).
                // NOTE(review): the JSON result is an anonymous object with a property named after
                // the enum member; JsonResult does not set the HTTP status itself, so confirm the
                // Ajax client keys off the body rather than the status code.
                if (IsAjaxRequest())
                {
                    filterContext.Result = userId == 0
                        ? new JsonResult(new { HttpStatusCode.Unauthorized })
                        : new JsonResult(new { HttpStatusCode.Forbidden });
                }
                else
                {
                    // NOTE(review): only the response status is set, filterContext.Result is not.
                    // The MVC pipeline short-circuits only when Result is assigned, so the action
                    // presumably still executes for non-Ajax denials — confirm this is intended.
                    filterContext.HttpContext.Response.StatusCode = userId == 0
                        ? (int)System.Net.HttpStatusCode.Unauthorized
                        : (int)System.Net.HttpStatusCode.Forbidden;
                }
            }
            catch (Exception)
            {
                // Any other failure in the checks is reported as 500; the exception itself is not logged here.
                // Same caveat as above: the non-Ajax branch does not assign filterContext.Result.
                if (IsAjaxRequest())
                {
                    filterContext.Result = new JsonResult(new { HttpStatusCode.InternalServerError });
                }
                else
                {
                    filterContext.HttpContext.Response.StatusCode = (int)System.Net.HttpStatusCode.InternalServerError;
                }
            }
            finally
            {
                // For Override priority, mark the session as checked so later requests take the
                // fast path at the top of this method.
                // NOTE(review): finally runs on every exit, including the redirect, 401/403 and 500
                // paths above, so the flag is also set when this request was denied — confirm that
                // skipping the check on subsequent requests in that session is intended.
                if (_grantPriority == GrantPriority.Override)
                {
                    if (filterContext.HttpContext.Session.TryGetValue(_isAuthenticationChecked, out var buffer))
                    {
                        var converted = bool.Parse(Encoding.UTF8.GetString(buffer));

                        // Already true: nothing to write.
                        if (converted)
                        {
                        }
                        else
                        {
                            var trueString = bool.TrueString;
                            var bytes      = Encoding.UTF8.GetBytes(trueString);

                            filterContext.HttpContext.Session.Set(_isAuthenticationChecked, bytes);
                        }
                    }
                    else
                    {
                        // Flag absent: write it (same bytes as the branch above).
                        var trueString = bool.TrueString;
                        var bytes      = Encoding.UTF8.GetBytes(trueString);

                        filterContext.HttpContext.Session.Set(_isAuthenticationChecked, bytes);
                    }
                }
            }
        }
 /// <summary>
 /// Reports whether a session object is present. This is a pure null check: no
 /// expiry, ownership or integrity validation of the session content happens here.
 /// </summary>
 /// <param name="authenticationSession">Session model read from the store; may be <c>null</c>.</param>
 /// <returns><c>true</c> when <paramref name="authenticationSession"/> is non-null.</returns>
 public bool CheckUserSession(AuthenticationSessionViewModel authenticationSession)
     => !(authenticationSession is null);
        /// <summary>
        /// Replaces the stored authentication session: the existing entry is removed
        /// first, then the new model is written via <c>Set</c>.
        /// </summary>
        /// <param name="context">Request context whose <c>Session</c> is updated.</param>
        /// <param name="sessionViewModel">New session data to persist.</param>
        public void Update(HttpContext context, AuthenticationSessionViewModel sessionViewModel)
        {
            // Remove-then-set, so a failed Set leaves no stale entry behind.
            Remove(context);
            Set(context, sessionViewModel);
        }