protected virtual RefreshJWTData GenerateRefrehToken(JWTData jwt)
{
return(new RefreshJWTData
{
DeviceId = jwt.DeviceId,
TokenId = jwt.TokenId,
UserId = jwt.UserId
});
}
protected virtual bool ValidateUserJWT(string jwt, out JWTData userId)
{
if (jwt != null && jwt.TryRead(out JWTData obj))
{
var currentHost = _accessor.HttpContext?.Request.GetHostUrl();
userId = obj;
return(obj.ExpireTime > DateTime.Now && (string.IsNullOrEmpty(obj.Provider) || obj.Provider.ToLower() == currentHost.ToLower()));
}
userId = null;
return(false);
}
protected virtual void SetToken(LoginResult res, bool remember = false)
{
JWTData jwt = MakeJWT(res);
res.TokenExpiry = jwt.ExpireTime;
res.Token = Shell.Encryptor.Encrypt(jwt.ToJson());
if (remember)
{
var r = GenerateRefrehToken(jwt);
res.RefreshToken = Shell.Encryptor.Encrypt(r.ToJson());
}
}
public static string MakeTestToken(object userId, string provider)
{
TimeSpan time = Shell.AuthorizationService.SessionManager.DefaultSessionTime;
JWTData jwt = new JWTData
{
UserId = userId,
Provider = provider,
StartTime = DateTime.Now,
ExpireTime = DateTime.Now + time
};
return(Shell.Encryptor.Encrypt(jwt.ToJson()));
}
private void SetToken(LoginResult res)
{
TimeSpan time = Shell.AuthorizationService.SessionManager.DefaultSessionTime;
JWTData jwt = new JWTData
{
UserId = res.UserData.UserId,
Provider = TokenProvider,
StartTime = DateTime.Now,
ExpireTime = DateTime.Now + time
};
res.TokenExpiry = jwt.ExpireTime;
res.Token = Shell.Encryptor.Encrypt(jwt.ToJson());
}
public static string MakeTestToken(string userId, string provider)
{
using (var sc = Shell.GetScope())
{
TimeSpan time = (sc.ServiceProvider.GetService <ISessionManager>()?.DefaultSessionTime) ?? new TimeSpan(1, 0, 0, 0);
JWTData jwt = new JWTData
{
UserId = userId,
Provider = provider,
StartTime = DateTime.Now,
ExpireTime = DateTime.Now + time
};
return(Shell.Encryptor.Encrypt(jwt.ToJson()));
}
}
public override void StartSession(IUser user, TimeSpan?length = null)
{
base.StartSession(user, length);
TimeSpan add = length ?? DefaultSessionTime;
JWTData data = new JWTData
{
UserId = user.UserId,
ExpireTime = DateTime.Now + add,
StartTime = DateTime.Now
};
string st = Shell.Encryptor.Encrypt(data.ToJson());
_accessor.HttpContext.Response.Cookies.Append("UserId", st, new CookieOptions {
Expires = data.ExpireTime
});
}
protected virtual JWTData MakeJWT(LoginResult res)
{
var jwt = new JWTData
{
UserId = res.UserData.UserId,
Provider = TokenProvider,
StartTime = DateTime.Now,
ExpireTime = TokenLifeTime == null ? DateTime.MaxValue : DateTime.Now + TokenLifeTime.Value,
DeviceId = SecurityUnit?.ClientData.DeviceId,
TokenId = Utils.RandomAlphabet(6, CharType.Small)
};
if (res.UserData is IAuthorizableUser)
{
jwt.Roles = ((IAuthorizableUser)res.UserData).Roles;
}
return(jwt);
}
public override void AuthorizationRequest()
{
var authCookie = _accessor.HttpContext.Request.Cookies["UserId"];
if (authCookie != null)
{
try
{
string jwt = Shell.Encryptor.Decrypt(authCookie);
JWTData data = jwt.FromJson <JWTData>();
if (data != null)
{
_accessor.HttpContext.User = new DefaultPrincipal(data.UserId.ToString());
}
}
catch { }
}
}
public void AuthorizationRequest()
{
HttpContext.Current.User = null;
if (HttpContext.Current.Request.Headers.AllKeys.Contains("auth-token"))
{
//Logger.WriteLine("token recieved on Portal.Web " + HttpContext.Current.Request.Headers["auth-token"]);
string head = HttpContext.Current.Request.Headers["auth-token"];
string data = Shell.Encryptor.Decrypt(head);
if (data != null)
{
//Logger.WriteLine("token Successfully decrypted : " + data);
JWTData jwt = data.FromJson <JWTData>();
//Logger.WriteLine("token successfully parsed");
if (jwt != null && jwt.IsValid(HttpContext.Current.Request.GetHostName()))
{
HttpContext.Current.User = new DefaultPrincipal(jwt.UserId.ToString());
}
}
}
}
protected virtual void SetIdentity(JWTData jwt)
{
_accessor.HttpContext.User = new DefaultPrincipal(jwt.UserId);
provider.SetCurrentUserId(jwt.UserId);
}