public static string RefreshToken(string oldToken, out UserEntity newUser)
{
AuthToken token = DeserializeToken(oldToken);
newUser = AuthLogic.Disable().Using(_ => Database.Query<UserEntity>().SingleOrDefaultEx(u => u.Id == token.User.Id));
if (newUser == null)
throw new AuthenticationException(AuthMessage.TheUserIsNotLongerInTheDatabase.NiceToString());
if (newUser.State == UserState.Disabled)
throw new AuthenticationException(AuthMessage.User0IsDisabled.NiceToString(newUser));
if (newUser.UserName != token.User.UserName)
throw new AuthenticationException(AuthMessage.InvalidUsername.NiceToString());
if (!newUser.PasswordHash.SequenceEqual(token.User.PasswordHash))
throw new AuthenticationException(AuthMessage.InvalidPassword.NiceToString());
AuthToken newToken = new AuthToken
{
User = newUser,
CreationDate = TimeZoneManager.Now,
};
var result = SerializeToken(newToken);
return result;
}
static void CreateUser(string userName, RoleEntity role)
{
var user = new UserEntity
{
UserName = userName,
PasswordHash = Security.EncodePassword(userName),
Role = role,
State = UserState.Saved,
};
user.SetMixin((UserEmployeeMixin e) => e.Employee, Database.Query<EmployeeEntity>().Single(e => e.FirstName == userName));
user.Save();
}//LoadUsers
internal static void CreateSystemUser()
{
using (OperationLogic.AllowSave<UserEntity>())
using (Transaction tr = new Transaction())
{
UserEntity system = new UserEntity
{
UserName = "******",
PasswordHash = Security.EncodePassword("System"),
Role = Database.Query<RoleEntity>().Where(r => r.Name == "Super user").SingleEx(),
State = UserState.Saved,
}.Save();
tr.Commit();
}
} //CreateSystemUser
public static void SessionEnd(UserEntity user, TimeSpan? timeOut)
{
if (user == null || !RoleTracked(user.Role.ToLite()))
return;
using (AuthLogic.Disable())
{
var sessionEnd = timeOut.HasValue ? TimeZoneManager.Now.Subtract(timeOut.Value).TrimToSeconds() : TimeZoneManager.Now.TrimToSeconds();
var rows = Database.Query<SessionLogEntity>()
.Where(sl => sl.User.RefersTo(user))
.OrderByDescending(sl => sl.SessionStart)
.Take(1)
.Where(sl => sl.SessionEnd == null)
.UnsafeUpdate()
.Set(a => a.SessionEnd, a => sessionEnd)
.Set(a => a.SessionTimeOut, a => timeOut.HasValue)
.Execute();
}
}
static void UserTicketLogic_Saving(UserEntity user)
{
if (!user.IsNew && user.IsGraphModified & user.InDBEntity(u => u.PasswordHash != user.PasswordHash))
user.UserTickets().UnsafeDelete();
}
static int CleanExpiredTickets(UserEntity user)
{
DateTime min = TimeZoneManager.Now.Subtract(ExpirationInterval);
int expired = user.UserTickets().Where(d => d.ConnectionDate < min).UnsafeDelete();
int tooMuch = user.UserTickets().OrderByDescending(t => t.ConnectionDate).Skip(MaxTicketsPerUser).UnsafeDelete();
return expired + tooMuch;
}
public static void AddUserSession(UserEntity user)
{
UserEntity.Current = user;
if (UserLogged != null)
UserLogged();
}
internal static void OnUserPreLogin(Controller controller, UserEntity user)
{
if (UserPreLogin != null)
{
UserPreLogin(controller, user);
}
}
public static string CreateToken(UserEntity user)
{
AuthToken newToken = new AuthToken
{
User = user,
CreationDate = TimeZoneManager.Now,
};
return SerializeToken(newToken);
}
static void AuthClient_Saving(UserEntity ident)
{
if (ident.IsGraphModified && ident.Is(UserEntity.Current))
Transaction.PostRealCommit += ud =>
{
AuthController.UpdateSessionUser();
};
}
public static void LogSessionEnd(UserEntity user, TimeSpan? timeOut)
{
SessionLogLogic.SessionEnd(user, timeOut);
}
public static void AddUserSession(UserEntity user)
{
UserEntity.Current = user;
AuthServer.UserLogged?.Invoke(user);
}
public static void OnUserPreLogin(ApiController controller, UserEntity user)
{
AuthServer.UserPreLogin?.Invoke(controller, user);
}