public void Logoff(AccessControlPrincipal principal)
{
if (principal != null && principal.Identity != null)
{
var user = GetUser(principal.Identity.UserId);
if (user != null)
{
//
// Trace the User Activity
//
DbContext.UserActivityLogs.InsertOnSubmit(new UserActivityLog()
{
LoginDate = user.LastLoginDate,
LogoffDate = DateTime.Now,
UserId = user.UserId
});
DbContext.SubmitChanges();
user.IsOnline = false;
user.LastRemoteHost = null;
user.LastActivityDate = DateTime.Now;
user.LastLoginDate = DateTime.Now;
user.PersonalizationRaw = principal.Personalization.SerializeToString();
DbContext.SubmitChanges();
}
}
}
void context_ReleaseRequestState(object sender, EventArgs e)
{
HttpApplication application = sender as HttpApplication;
HttpContext context = application.Context;
if (context.User is IDisposable)
{
(context.User as IDisposable).Dispose();
}
if (Roles.CacheRolesInCookie)
{
if (context.User != null && context.User is AccessControlPrincipal && (context.User as AccessControlPrincipal).IsAuthenticated)
{
if (Roles.CookieRequireSSL && !context.Request.IsSecureConnection)
{
if (context.Request.Cookies[Roles.CookieName] != null)
{
Roles.DeleteCookie();
}
}
else
{
AccessControlPrincipal principal = (AccessControlPrincipal)context.User;
if (context.Request.Browser.Cookies)
{
HttpCookie cookie = new HttpCookie(Roles.CookieName, HttpUtility.UrlEncode(principal.Serialize()));
cookie.HttpOnly = true;
cookie.Path = Roles.CookiePath;
cookie.Domain = Roles.Domain;
if (!Roles.CreatePersistentCookie)
{
cookie.Expires = (principal as AccessControlPrincipal).Identity.LastActivityDate.AddMinutes(20);
}
if (Roles.CookieProtectionValue == CookieProtection.Encryption)
{
cookie.Value = cookie.Value.Encrypt().Compress();
}
cookie.Secure = Roles.CookieRequireSSL;
context.Response.Cookies.Add(cookie);
}
}
}
}
}
void OnSessionEnd(object sender, EventArgs e)
{
HttpApplication application = sender as HttpApplication;
System.Web.SessionState.HttpSessionState session = application.Session;
using (MembershipManager membershipManager = new MembershipManager(null))
{
AccessControlPrincipal principal = session[session.SessionID] as AccessControlPrincipal;
if (principal != null && principal.Identity != null)
{
membershipManager.Logoff(principal);
}
}
session.RemoveAll();
}
void context_PostAcquireRequestState(object sender, EventArgs e)
{
HttpApplication application = sender as HttpApplication;
HttpContext context = application.Context;
MembershipManager membershipManager = new MembershipManager(null);
AccessControlPrincipal principal = null;
DataEntities.User user = null;
System.Security.Principal.IIdentity identity = null;
if (IsValid)
{
context.Trace.Warn("Role Module Begin");
#region Cookies
if ((!Roles.CookieRequireSSL || context.Request.IsSecureConnection))
{
if (Roles.CacheRolesInCookie)
{
HttpCookie cookie = context.Request.Cookies[Roles.CookieName];
if (cookie != null && cookie.Value != null)
{
if (!string.IsNullOrEmpty(Roles.CookiePath) && (Roles.CookiePath != "/"))
cookie.Path = Roles.CookiePath;
if (Roles.CookieProtectionValue == CookieProtection.Encryption)
cookie.Value = cookie.Value.Decrypt().Decompress();
cookie.Domain = Roles.Domain;
context.User = HttpUtility.UrlDecode(cookie.Value).Deserialize<AccessControlPrincipal>();
}
else { Roles.DeleteCookie(); }
}
else { Roles.DeleteCookie(); }
}
else { Roles.DeleteCookie(); }
#endregion
identity = context.User.Identity;
principal = new AccessControlPrincipal(user, identity);
if (context.Session != null && context.Session[context.Session.SessionID] != null && identity.IsAuthenticated)
principal = context.Session[context.Session.SessionID] as AccessControlPrincipal;
if (String.IsNullOrEmpty(principal.Name) && !String.IsNullOrEmpty(identity.Name))
{
user = membershipManager.GetUserByName(identity.Name);
if (user != null)
{
bool timeoutExpired = DateTime.Now.Subtract(user.LastActivityDate).Minutes > System.Web.Security.Membership.UserIsOnlineTimeWindow;
user.LastActivityDate = DateTime.Now;
user.IsOnline = !timeoutExpired;
membershipManager.DbContext.SubmitChanges();
membershipManager.DataManager.Commit();
}
principal = new AccessControlPrincipal(user, identity);
}
if (context.Application["Session_End"] == null)
context.Application["Session_End"] = new EventHandler(OnSessionEnd);
//
// Cache the user in session to dont query database
//
if (context.Session != null && identity.IsAuthenticated)
context.Session[context.Session.SessionID] = principal;
System.Threading.Thread.CurrentPrincipal = principal;
context.User = principal;
context.Trace.Warn("Role Module End");
}
}
void context_PostAcquireRequestState(object sender, EventArgs e)
{
HttpApplication application = sender as HttpApplication;
HttpContext context = application.Context;
MembershipManager membershipManager = new MembershipManager(null);
AccessControlPrincipal principal = null;
DataEntities.User user = null;
System.Security.Principal.IIdentity identity = null;
if (IsValid)
{
context.Trace.Warn("Role Module Begin");
#region Cookies
if ((!Roles.CookieRequireSSL || context.Request.IsSecureConnection))
{
if (Roles.CacheRolesInCookie)
{
HttpCookie cookie = context.Request.Cookies[Roles.CookieName];
if (cookie != null && cookie.Value != null)
{
if (!string.IsNullOrEmpty(Roles.CookiePath) && (Roles.CookiePath != "/"))
{
cookie.Path = Roles.CookiePath;
}
if (Roles.CookieProtectionValue == CookieProtection.Encryption)
{
cookie.Value = cookie.Value.Decrypt().Decompress();
}
cookie.Domain = Roles.Domain;
context.User = HttpUtility.UrlDecode(cookie.Value).Deserialize <AccessControlPrincipal>();
}
else
{
Roles.DeleteCookie();
}
}
else
{
Roles.DeleteCookie();
}
}
else
{
Roles.DeleteCookie();
}
#endregion
identity = context.User.Identity;
principal = new AccessControlPrincipal(user, identity);
if (context.Session != null && context.Session[context.Session.SessionID] != null && identity.IsAuthenticated)
{
principal = context.Session[context.Session.SessionID] as AccessControlPrincipal;
}
if (String.IsNullOrEmpty(principal.Name) && !String.IsNullOrEmpty(identity.Name))
{
user = membershipManager.GetUserByName(identity.Name);
if (user != null)
{
bool timeoutExpired = DateTime.Now.Subtract(user.LastActivityDate).Minutes > System.Web.Security.Membership.UserIsOnlineTimeWindow;
user.LastActivityDate = DateTime.Now;
user.IsOnline = !timeoutExpired;
membershipManager.DbContext.SubmitChanges();
membershipManager.DataManager.Commit();
}
principal = new AccessControlPrincipal(user, identity);
}
if (context.Application["Session_End"] == null)
{
context.Application["Session_End"] = new EventHandler(OnSessionEnd);
}
//
// Cache the user in session to dont query database
//
if (context.Session != null && identity.IsAuthenticated)
{
context.Session[context.Session.SessionID] = principal;
}
System.Threading.Thread.CurrentPrincipal = principal;
context.User = principal;
context.Trace.Warn("Role Module End");
}
}
