コード例 #1
0
        public static IApplicationBuilder UseCloudscribeCoreDefaultAuthentication(
            this IApplicationBuilder builder,
            ILoggerFactory loggerFactory,
            MultiTenantOptions multiTenantOptions,
            SiteContext tenant,
            CookieSecurePolicy applicationCookieSecure = CookieSecurePolicy.SameAsRequest
            )
        {
            var useFolder = !multiTenantOptions.UseRelatedSitesMode &&
                            multiTenantOptions.Mode == cloudscribe.Core.Models.MultiTenantMode.FolderName &&
                            tenant.SiteFolderName.Length > 0;

            var externalCookieOptions = builder.SetupOtherCookies(
                AuthenticationScheme.External,
                multiTenantOptions.UseRelatedSitesMode,
                tenant);

            builder.UseCookieAuthentication(externalCookieOptions);

            var twoFactorRememberMeCookieOptions = builder.SetupOtherCookies(
                AuthenticationScheme.TwoFactorRememberMe,
                multiTenantOptions.UseRelatedSitesMode,
                tenant);

            builder.UseCookieAuthentication(twoFactorRememberMeCookieOptions);

            var twoFactorUserIdCookie = builder.SetupOtherCookies(
                AuthenticationScheme.TwoFactorUserId,
                multiTenantOptions.UseRelatedSitesMode,
                tenant);

            builder.UseCookieAuthentication(twoFactorUserIdCookie);

            //var cookieEvents = new CookieAuthenticationEvents();
            var logger           = loggerFactory.CreateLogger <SiteAuthCookieValidator>();
            var cookieValidator  = new SiteAuthCookieValidator(logger);
            var appCookieOptions = builder.SetupAppCookie(
                cookieValidator,
                AuthenticationScheme.Application,
                multiTenantOptions.UseRelatedSitesMode,
                tenant,
                applicationCookieSecure
                );

            builder.UseCookieAuthentication(appCookieOptions);

            // known issue here is if a site is updated to populate the
            // social auth keys, it currently requires a restart so that the middleware gets registered
            // in order for it to work or for the social auth buttons to appear
            builder.UseSocialAuth(tenant, externalCookieOptions, useFolder);


            return(builder);
        }
コード例 #2
0
        public static IApplicationBuilder UseCloudscribeCoreDefaultAuthentication(
            this IApplicationBuilder builder,
            ILoggerFactory loggerFactory,
            MultiTenantOptions multiTenantOptions,
            SiteContext tenant,
            bool sslIsAvailable = true,
            CookieSecurePolicy applicationCookieSecure = CookieSecurePolicy.SameAsRequest
            )
        {
            var useFolder = !multiTenantOptions.UseRelatedSitesMode &&
                            multiTenantOptions.Mode == cloudscribe.Core.Models.MultiTenantMode.FolderName &&
                            tenant.SiteFolderName.Length > 0;

            var externalCookieOptions = builder.SetupOtherCookies(
                AuthenticationScheme.External,
                multiTenantOptions.UseRelatedSitesMode,
                tenant);

            builder.UseCookieAuthentication(externalCookieOptions);

            var twoFactorRememberMeCookieOptions = builder.SetupOtherCookies(
                AuthenticationScheme.TwoFactorRememberMe,
                multiTenantOptions.UseRelatedSitesMode,
                tenant);

            builder.UseCookieAuthentication(twoFactorRememberMeCookieOptions);

            var twoFactorUserIdCookie = builder.SetupOtherCookies(
                AuthenticationScheme.TwoFactorUserId,
                multiTenantOptions.UseRelatedSitesMode,
                tenant);

            builder.UseCookieAuthentication(twoFactorUserIdCookie);

            //var cookieEvents = new CookieAuthenticationEvents();
            var logger           = loggerFactory.CreateLogger <SiteAuthCookieValidator>();
            var cookieValidator  = new SiteAuthCookieValidator(logger);
            var appCookieOptions = builder.SetupAppCookie(
                cookieValidator,
                AuthenticationScheme.Application,
                multiTenantOptions.UseRelatedSitesMode,
                tenant,
                applicationCookieSecure
                );

            builder.UseCookieAuthentication(appCookieOptions);


            builder.UseSocialAuth(tenant, externalCookieOptions, useFolder, sslIsAvailable);


            return(builder);
        }
コード例 #3
0
        public static CookieAuthenticationOptions SetupAppCookie(
            this IApplicationBuilder app,
            SiteAuthCookieValidator siteValidator,
            string scheme,
            bool useRelatedSitesMode,
            SiteContext tenant,
            CookieSecurePolicy cookieSecure = CookieSecurePolicy.SameAsRequest
            )
        {
            var cookieEvents = new CookieAuthenticationEvents();
            var options      = new CookieAuthenticationOptions();

            if (useRelatedSitesMode)
            {
                options.AuthenticationScheme = scheme;
                options.CookieName           = scheme;
                options.CookiePath           = "/";
            }
            else
            {
                //options.AuthenticationScheme = $"{scheme}-{tenant.SiteFolderName}";
                options.AuthenticationScheme     = scheme;
                options.CookieName               = $"{scheme}-{tenant.SiteFolderName}";
                options.CookiePath               = "/" + tenant.SiteFolderName;
                cookieEvents.OnValidatePrincipal = siteValidator.ValidatePrincipal;
            }

            var tenantPathBase = string.IsNullOrEmpty(tenant.SiteFolderName)
                ? PathString.Empty
                : new PathString("/" + tenant.SiteFolderName);

            options.LoginPath        = tenantPathBase + "/account/login";
            options.LogoutPath       = tenantPathBase + "/account/logoff";
            options.AccessDeniedPath = tenantPathBase + "/account/accessdenied";

            options.Events = cookieEvents;

            options.AutomaticAuthenticate = true;
            options.AutomaticChallenge    = false;

            options.CookieSecure = cookieSecure;

            return(options);
        }