/// <inheritdoc/> public virtual async Task <ServerSideSession> GetSessionAsync(string key, CancellationToken cancellationToken = default) { cancellationToken = cancellationToken == CancellationToken.None ? CancellationTokenProvider.CancellationToken : cancellationToken; var entity = (await Context.ServerSideSessions.AsNoTracking().Where(x => x.Key == key) .ToArrayAsync(cancellationToken)) .SingleOrDefault(x => x.Key == key); var model = default(ServerSideSession); if (entity != null) { model = new ServerSideSession { Key = entity.Key, Scheme = entity.Scheme, SubjectId = entity.SubjectId, SessionId = entity.SessionId, DisplayName = entity.DisplayName, Created = entity.Created, Renewed = entity.Renewed, Expires = entity.Expires, Ticket = entity.Data, }; } Logger.LogDebug("Found server-side session {serverSideSessionKey} in database: {serverSideSessionKeyFound}", key, model != null); return(model); }
/// <inheritdoc/> public virtual async Task CreateSessionAsync(ServerSideSession session, CancellationToken cancellationToken = default) { cancellationToken = cancellationToken == CancellationToken.None ? CancellationTokenProvider.CancellationToken : cancellationToken; var entity = new Entities.ServerSideSession { Key = session.Key, Scheme = session.Scheme, SessionId = session.SessionId, SubjectId = session.SubjectId, DisplayName = session.DisplayName, Created = session.Created, Renewed = session.Renewed, Expires = session.Expires, Data = session.Ticket, }; Context.ServerSideSessions.Add(entity); try { await Context.SaveChangesAsync(cancellationToken); Logger.LogDebug("Created new server-side session {serverSideSessionKey} in database", session.Key); } catch (DbUpdateConcurrencyException ex) { Logger.LogWarning("Exception creating new server-side session in database: {error}", ex.Message); } }
/// <inheritdoc/> public virtual async Task UpdateSessionAsync(ServerSideSession session, CancellationToken cancellationToken = default) { cancellationToken = cancellationToken == CancellationToken.None ? CancellationTokenProvider.CancellationToken : cancellationToken; var entity = (await Context.ServerSideSessions.Where(x => x.Key == session.Key) .ToArrayAsync(cancellationToken)) .SingleOrDefault(x => x.Key == session.Key); if (entity == null) { Logger.LogDebug("No server-side session {serverSideSessionKey} found in database. Update failed.", session.Key); return; } entity.Scheme = session.Scheme; entity.SubjectId = session.SubjectId; entity.SessionId = session.SessionId; entity.DisplayName = session.DisplayName; entity.Created = session.Created; entity.Renewed = session.Renewed; entity.Expires = session.Expires; entity.Data = session.Ticket; try { await Context.SaveChangesAsync(cancellationToken); Logger.LogDebug("Updated server-side session {serverSideSessionKey} in database", session.Key); } catch (DbUpdateConcurrencyException ex) { Logger.LogWarning("Exception updating existing server side session {serverSideSessionKey} in database: {error}", session.Key, ex.Message); } }
/// <inheritdoc /> public async Task <string> StoreAsync(AuthenticationTicket ticket) { ArgumentNullException.ThrowIfNull(ticket); ticket.SetIssuer(await _issuerNameService.GetCurrentAsync()); var key = CryptoRandom.CreateUniqueId(format: CryptoRandom.OutputFormat.Hex); _logger.LogDebug("Creating entry in store for AuthenticationTicket, key {key}, with expiration: {expiration}", key, ticket.GetExpiration()); var session = new ServerSideSession { Key = key, Scheme = ticket.AuthenticationScheme, Created = ticket.GetIssued(), Renewed = ticket.GetIssued(), Expires = ticket.GetExpiration(), SubjectId = ticket.GetSubjectId(), SessionId = ticket.GetSessionId(), DisplayName = ticket.GetDisplayName(_options.ServerSideSessions.UserDisplayNameClaimType), Ticket = ticket.Serialize(_protector) }; await _store.CreateSessionAsync(session); return(key); }
// Tak, przesyłanie hasła w plain-texcie, jakiekolwiek zabezpieczenia tu są na niby. Koszała się i tak nie zorientuje. public static string tryToLogIn(string username, string password) { var session = new ServerSideSession(username, password); if (session.Success) { string token = Convert.ToBase64String(Guid.NewGuid().ToByteArray()); sessions[token] = session; return(token); } else { return("fail"); } }
internal static ServerSideSession Clone(this ServerSideSession other) { var item = new ServerSideSession() { Key = other.Key, Scheme = other.Scheme, SubjectId = other.SubjectId, SessionId = other.SessionId, DisplayName = other.DisplayName, Created = other.Created, Renewed = other.Renewed, Expires = other.Expires, Ticket = other.Ticket, }; return(item); }