Esempio n. 1
0
        public void SignOut(string userName)
        {
            if (!string.IsNullOrEmpty(userName))
            //remove from ViewElementGrantedToUser
            {
                _userProService.RemoveOnlineUsers(userName);
                var userId = CustomMembershipProvider.GetUserIdCookie() ?? 0;

                UserViewElement userViewElement = null;
                if (_viewElementService.AppBase.ViewElementsGrantedToUser.TryGetValue(userId, out userViewElement))
                {
                    UserViewElement removedElement = null;
                    _viewElementService.AppBase.ViewElementsGrantedToUser.TryRemove(userId, out removedElement);
                }
            }
            // Delete the authentication ticket and sign out.
            FormsAuthentication.SignOut();

            // Clear authentication cookie
            CustomMembershipProvider.ClearMembershipCookie(FormsAuthentication.FormsCookieName);

            CustomMembershipProvider.ClearMembershipCookie(CustomMembershipProvider.UserIdCookieName);
            CustomMembershipProvider.ClearMembershipCookie(CustomMembershipProvider.PassCodeCookieName);

            Core.Cmn.AppBase.OnAfterUserSignOut(EventArgs.Empty);
            //if (redirectToLoginPage)
            //FormsAuthentication.RedirectToLoginPage();
        }
Esempio n. 2
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            object area;
            bool   hasArea = httpContext.Request.RequestContext.RouteData.DataTokens.TryGetValue("area", out area);

            var controller = httpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
            var action     = httpContext.Request.RequestContext.RouteData.Values["action"].ToString();

            var viewElementService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance <IViewElementService>();

            var requestedUrl = hasArea ? string.Format("{0}/{1}/{2}", area, controller, action) : string.Format("{0}/{1}", controller, action);

            if (httpContext.Request.QueryString.Count > 0)
            {
                var rawUrl      = httpContext.Request.RawUrl;
                var queryString = rawUrl.Substring(rawUrl.IndexOf("?"));
                requestedUrl = string.Format("{0}{1}", requestedUrl, queryString);
            }
            var authentication = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance <IAuthentication>();
            int?userId         = CustomMembershipProvider.GetUserIdCookie();

            if (viewElementService.HasAnonymousAccess(requestedUrl))
            {
                return(true);
            }

            if (userId == null)
            {
                authentication.SignOut(httpContext.User.Identity.Name);
                return(false);
            }
            else
            {
                var userProfileService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance <IUserProfileService>();

                UserProfile foundUserProfile = userProfileService.Filter(entity => entity.Id.Equals(userId.Value)).FirstOrDefault();

                if (CustomMembershipProvider.IsUserAuthenticate(foundUserProfile))
                {
                    if (!userProfileService.AppBase.OnlineUsers.Any(u => u.UserName.ToLower().Equals(foundUserProfile.UserName)))
                    {
                        authentication.SignIn(foundUserProfile, true, true);
                    }
                    return(viewElementService.HasRoleAccess(foundUserProfile.Id, requestedUrl));
                }

                authentication.SignOut(httpContext.User.Identity.Name);

                return(false);
            }
        }
Esempio n. 3
0
        protected new virtual bool IsAuthorized(HttpActionContext actionContext)
        {
            string controller  = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            string action      = actionContext.ActionDescriptor.ActionName;
            string query       = actionContext.Request.RequestUri.Query;
            var    queryString = new NameValueCollection(System.Web.HttpUtility.ParseQueryString(query));

            var viewElementService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance <IViewElementService>();

            var requestedUrl = string.Format("{0}/{1}", controller, action);

            return(true);

            if (queryString.Count > 0)
            {
                var queryParams = MakeUrlParameters(queryString);
                requestedUrl = string.Format("{0}?{1}", requestedUrl, queryParams);
            }

            if (viewElementService.HasAnonymousAccess(requestedUrl))
            {
                return(true);
            }

            var userId = CustomMembershipProvider.GetUserIdCookie();

            //if (userId != null)
            //{
            //    var userProfileService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance<IUserProfileService>();

            //    var foundUserProfile = userProfileService.Find(userId);
            //    if (foundUserProfile != null)
            //    {
            //        var encodedUserName = Security.GetMd5Hash(MD5.Create(), foundUserProfile.UserName);

            //       var passCode = Security.GetMd5Hash(MD5.Create(), string.Format("{0}{1}", encodedUserName, foundUserProfile.Password));
            //       if (CustomMembershipProvider.ValidatePassCode(passCode))
            //        {
            //           return viewElementService.RoleHasAccess(foundUserProfile.Id, requestedUrl);

            //        }
            //    }
            //}
            if (userId.HasValue && CustomMembershipProvider.IsCurrentUserAuthenticate())
            {
                return(viewElementService.HasRoleAccess(userId.Value, requestedUrl));
            }

            return(false);
        }