/// <inheritdoc/>
public virtual async Task <ServerSideSession> GetSessionAsync(string key, CancellationToken cancellationToken = default)
{
cancellationToken = cancellationToken == CancellationToken.None ? CancellationTokenProvider.CancellationToken : cancellationToken;
var entity = (await Context.ServerSideSessions.AsNoTracking().Where(x => x.Key == key)
.ToArrayAsync(cancellationToken))
.SingleOrDefault(x => x.Key == key);
var model = default(ServerSideSession);
if (entity != null)
{
model = new ServerSideSession
{
Key = entity.Key,
Scheme = entity.Scheme,
SubjectId = entity.SubjectId,
SessionId = entity.SessionId,
DisplayName = entity.DisplayName,
Created = entity.Created,
Renewed = entity.Renewed,
Expires = entity.Expires,
Ticket = entity.Data,
};
}
Logger.LogDebug("Found server-side session {serverSideSessionKey} in database: {serverSideSessionKeyFound}", key, model != null);
return(model);
}
/// <inheritdoc/>
public virtual async Task CreateSessionAsync(ServerSideSession session, CancellationToken cancellationToken = default)
{
cancellationToken = cancellationToken == CancellationToken.None ? CancellationTokenProvider.CancellationToken : cancellationToken;
var entity = new Entities.ServerSideSession
{
Key = session.Key,
Scheme = session.Scheme,
SessionId = session.SessionId,
SubjectId = session.SubjectId,
DisplayName = session.DisplayName,
Created = session.Created,
Renewed = session.Renewed,
Expires = session.Expires,
Data = session.Ticket,
};
Context.ServerSideSessions.Add(entity);
try
{
await Context.SaveChangesAsync(cancellationToken);
Logger.LogDebug("Created new server-side session {serverSideSessionKey} in database", session.Key);
}
catch (DbUpdateConcurrencyException ex)
{
Logger.LogWarning("Exception creating new server-side session in database: {error}", ex.Message);
}
}
/// <inheritdoc/>
public virtual async Task UpdateSessionAsync(ServerSideSession session, CancellationToken cancellationToken = default)
{
cancellationToken = cancellationToken == CancellationToken.None ? CancellationTokenProvider.CancellationToken : cancellationToken;
var entity = (await Context.ServerSideSessions.Where(x => x.Key == session.Key)
.ToArrayAsync(cancellationToken))
.SingleOrDefault(x => x.Key == session.Key);
if (entity == null)
{
Logger.LogDebug("No server-side session {serverSideSessionKey} found in database. Update failed.", session.Key);
return;
}
entity.Scheme = session.Scheme;
entity.SubjectId = session.SubjectId;
entity.SessionId = session.SessionId;
entity.DisplayName = session.DisplayName;
entity.Created = session.Created;
entity.Renewed = session.Renewed;
entity.Expires = session.Expires;
entity.Data = session.Ticket;
try
{
await Context.SaveChangesAsync(cancellationToken);
Logger.LogDebug("Updated server-side session {serverSideSessionKey} in database", session.Key);
}
catch (DbUpdateConcurrencyException ex)
{
Logger.LogWarning("Exception updating existing server side session {serverSideSessionKey} in database: {error}", session.Key, ex.Message);
}
}
/// <inheritdoc />
public async Task <string> StoreAsync(AuthenticationTicket ticket)
{
ArgumentNullException.ThrowIfNull(ticket);
ticket.SetIssuer(await _issuerNameService.GetCurrentAsync());
var key = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex);
_logger.LogDebug("Creating entry in store for AuthenticationTicket, key {key}, with expiration: {expiration}", key, ticket.GetExpiration());
var session = new ServerSideSession
{
Key = key,
Scheme = ticket.AuthenticationScheme,
Created = ticket.GetIssued(),
Renewed = ticket.GetIssued(),
Expires = ticket.GetExpiration(),
SubjectId = ticket.GetSubjectId(),
SessionId = ticket.GetSessionId(),
DisplayName = ticket.GetDisplayName(_options.ServerSideSessions.UserDisplayNameClaimType),
Ticket = ticket.Serialize(_protector)
};
await _store.CreateSessionAsync(session);
return(key);
}
// Tak, przesyłanie hasła w plain-texcie, jakiekolwiek zabezpieczenia tu są na niby. Koszała się i tak nie zorientuje.
public static string tryToLogIn(string username, string password)
{
var session = new ServerSideSession(username, password);
if (session.Success)
{
string token = Convert.ToBase64String(Guid.NewGuid().ToByteArray());
sessions[token] = session;
return(token);
}
else
{
return("fail");
}
}
internal static ServerSideSession Clone(this ServerSideSession other)
{
var item = new ServerSideSession()
{
Key = other.Key,
Scheme = other.Scheme,
SubjectId = other.SubjectId,
SessionId = other.SessionId,
DisplayName = other.DisplayName,
Created = other.Created,
Renewed = other.Renewed,
Expires = other.Expires,
Ticket = other.Ticket,
};
return(item);
}
