コード例 #1
0
        private async Task <bool> LoginUsingBasicAuth(UserSession userSession, HttpContext context,
                                                      IAuthenticationService authenticationService)
        {
            using (StopWatchTimer stopWatchTimer = StopWatchTimer.Initialise(_autoLoginBasicAuthLogin))
            {
                string authData = context.Request.Headers[SharedPluginFeatures.Constants.HeaderAuthorizationName];

                if (!authData.StartsWith("Basic ", StringComparison.InvariantCultureIgnoreCase))
                {
                    context.Response.StatusCode = 400;
                    return(false);
                }

                try
                {
                    authData = System.Text.Encoding.GetEncoding("ISO-8859-1").GetString(Convert.FromBase64String(authData.Substring(6)));
                }
                catch (FormatException)
                {
                    context.Response.StatusCode = 400;
                    return(false);
                }

                string[] authParts = authData.Split(':', StringSplitOptions.RemoveEmptyEntries);

                if (authParts.Length != 2)
                {
                    context.Response.StatusCode = 400;
                    return(false);
                }

                UserLoginDetails loginDetails = new UserLoginDetails();

                LoginResult loginResult = _loginProvider.Login(authParts[0], authParts[1],
                                                               GetIpAddress(context), 1, ref loginDetails);

                if (loginResult == LoginResult.Success)
                {
                    userSession.Login(loginDetails.UserId, loginDetails.Username, loginDetails.Email);
                    await authenticationService.SignInAsync(context,
                                                            _loginControllerSettings.AuthenticationScheme,
                                                            new ClaimsPrincipal(_claimsProvider.GetUserClaims(loginDetails.UserId)),
                                                            _claimsProvider.GetAuthenticationProperties());

                    return(true);
                }
                else
                {
                    context.Response.StatusCode = 401;
                    return(false);
                }
            }
        }
コード例 #2
0
        public ClaimsIdentity GetClaimsIdentity(string userId)
        {
            var claimsIdentity = new ClaimsIdentity();

            claimsIdentity.AddClaims(_claimsProvider.GetUserClaims(userId));

            return(claimsIdentity);
        }
コード例 #3
0
        public async Task Invoke(HttpContext context)
        {
            using (StopWatchTimer stopwatchTimer = StopWatchTimer.Initialise(_loginTimings))
            {
                UserSession userSession = GetUserSession(context);

                if (userSession != null && String.IsNullOrEmpty(userSession.UserName) &&
                    CookieExists(context, _loginControllerSettings.RememberMeCookieName))
                {
                    using (StopWatchTimer stopwatchAutoLogin = StopWatchTimer.Initialise(_autoLoginTimings))
                    {
                        string cookieValue = CookieValue(context, _loginControllerSettings.RememberMeCookieName,
                            _loginControllerSettings.EncryptionKey, String.Empty);

                        if (Int64.TryParse(cookieValue, out long userId))
                        {
                            UserLoginDetails loginDetails = new UserLoginDetails(userId, true);

                            LoginResult loginResult = _loginProvider.Login(String.Empty, String.Empty,
                                base.GetIpAddress(context), 1, ref loginDetails);

                            if (loginResult == LoginResult.Remembered)
                            {
                                userSession.Login(userId, loginDetails.Username, loginDetails.Email);
                                await _authenticationService.SignInAsync(context,
                                    _loginControllerSettings.AuthenticationScheme,
                                    new ClaimsPrincipal(_claimsProvider.GetUserClaims(loginDetails.UserId)),
                                    _claimsProvider.GetAuthenticationProperties());
                            }
                            else
                            {
                                CookieDelete(context, _loginControllerSettings.RememberMeCookieName);
                            }
                        }
                        else
                        {
                            CookieDelete(context, _loginControllerSettings.RememberMeCookieName);
                        }
                    }
                }
            }

            await _next(context);
        }
コード例 #4
0
        public IActionResult Index(LoginViewModel model)
        {
            if (model == null)
            {
                throw new ArgumentNullException(nameof(model));
            }

            LoginCacheItem loginCacheItem = GetCachedLoginAttempt(true);

            if (!String.IsNullOrEmpty(loginCacheItem.CaptchaText))
            {
                if (!loginCacheItem.CaptchaText.Equals(model.CaptchaText))
                {
                    ModelState.AddModelError(String.Empty, Languages.LanguageStrings.CodeNotValid);
                }
            }

            loginCacheItem.LoginAttempts++;

            model.ShowCaptchaImage = loginCacheItem.LoginAttempts >= _settings.CaptchaShowFailCount;

            UserLoginDetails loginDetails = new UserLoginDetails();

            model.Breadcrumbs = GetBreadcrumbs();
            model.CartSummary = GetCartSummary();

            LoginResult loginResult = _loginProvider.Login(model.Username, model.Password, GetIpAddress(),
                                                           loginCacheItem.LoginAttempts, ref loginDetails);

            switch (loginResult)
            {
            case LoginResult.Success:
            case LoginResult.PasswordChangeRequired:
                RemoveLoginAttempt();

                UserSession session = GetUserSession();

                if (session != null)
                {
                    session.Login(loginDetails.UserId, loginDetails.Username, loginDetails.Email);
                }

                if (model.RememberMe)
                {
                    CookieAdd(_settings.RememberMeCookieName, Encrypt(loginDetails.UserId.ToString(),
                                                                      _settings.EncryptionKey), _settings.LoginDays);
                }


                GetAuthenticationService().SignInAsync(HttpContext,
                                                       _settings.AuthenticationScheme,
                                                       new ClaimsPrincipal(_claimsProvider.GetUserClaims(loginDetails.UserId)),
                                                       _claimsProvider.GetAuthenticationProperties());

                if (loginResult == LoginResult.PasswordChangeRequired)
                {
                    return(Redirect(_settings.ChangePasswordUrl));
                }

                return(Redirect(model.ReturnUrl));

            case LoginResult.AccountLocked:
                return(RedirectToAction(nameof(AccountLocked), new { username = model.Username }));

            case LoginResult.InvalidCredentials:
                ModelState.AddModelError(String.Empty, Languages.LanguageStrings.InvalidUsernameOrPassword);
                break;
            }

            if (model.ShowCaptchaImage)
            {
                loginCacheItem.CaptchaText = GetRandomWord(_settings.CaptchaWordLength, CaptchaCharacters);
            }

            return(View(model));
        }