/// <summary>
///     Public entry point for a software platform sign-in; forwards the credential bound from the request body
///     to <see cref="SigninSoftwarePlatform" /> and returns its response unchanged.
/// </summary>
/// <param name="jsonLoginCredential">
///     The credential bound from the request body. All of its fields are client-supplied and unauthenticated
///     at this point. NOTE(review): the binder can presumably yield null for a missing or undeserializable
///     body - confirm how that case is meant to be reported.
/// </param>
/// <returns>The response produced by <see cref="SigninSoftwarePlatform" />.</returns>
public HttpResponseMessage<LoginResult> SigninSoftwarePlatform_Post([FromBody] JsonLoginCredential jsonLoginCredential)
    => SigninSoftwarePlatform(jsonLoginCredential);
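/// <summary>
///     Signs a software platform user into the system.
/// </summary>
/// <remarks>
///     Sequence: authenticate the supplied credential, load the matching <c>UserAccount</c>, refresh the identity
///     provider request-context cache, confirm the ReadiNow identity provider is enabled, issue the authentication
///     and XSRF cookies, and write a successful logon audit entry. Any exception is audited as a failed logon
///     (when a request context is set), written to the application event log and rethrown.
///     <para>
///         Security notes. The whole sequence runs inside a <c>SecurityBypassContext</c>. The password is never
///         logged; keep it that way. An <see cref="ArgumentException" /> from authentication is replaced by one
///         generic message so the response does not reveal which of user name, password or tenant was wrong.
///     </para>
///     <para>
///         NOTE(review): user name, tenant and User-Agent are client-controlled and are passed to the audit log
///         and event log as received. Whether those sinks neutralise control characters (for example embedded
///         line breaks) is not visible here - confirm.
///     </para>
///     <para>
///         NOTE(review): the provider-enabled check runs after the cache refresh, and the success audit entry is
///         written before the response object is built. If building the response throws, the cookies have
///         already been issued and the same attempt is audited as both success and failure - confirm intended.
///     </para>
/// </remarks>
/// <param name="jsonLoginCredential">The json login credential.</param>
/// <returns>A 200 OK response wrapping the result of <c>GetSuccessfulLoginResult</c>.</returns>
/// <exception cref="InvalidCredentialException">Authentication rejected the credential with an <see cref="ArgumentException" />.</exception>
/// <exception cref="InvalidOperationException">No <c>UserAccount</c> was found for the authenticated identity.</exception>
/// <exception cref="AuthenticationException">The ReadiNow identity provider is explicitly disabled.</exception>
private HttpResponseMessage<LoginResult> SigninSoftwarePlatform(JsonLoginCredential jsonLoginCredential)
{
    // Captured up front so the success and failure audit entries carry the same value.
    var userAgent = Request?.Headers?.UserAgent?.ToString();

    try
    {
        using (new SecurityBypassContext())
        {
            try
            {
                // NOTE(review): the meaning of the trailing 'true' is defined by UserAccountValidator - confirm.
                UserAccountValidator.Authenticate(jsonLoginCredential.Username, jsonLoginCredential.Password, jsonLoginCredential.Tenant, true);
            }
            catch (ArgumentException ex)
            {
                // Deliberately generic: do not disclose which field failed validation.
                throw new InvalidCredentialException("Invalid user name, password or tenant", ex);
            }

            RequestContext context = ReadiNow.IO.RequestContext.GetContext();

            UserAccount account = ReadiNow.Model.Entity.Get<UserAccount>(context.Identity.Id, true);

            if (account == null)
            {
                throw new InvalidOperationException("No UserAccount found.");
            }

            // If we are in integration test mode, update the test authorization info.
            if (TestAuthorization.IsEnabled)
            {
                TestAuthorization.Instance.SetTokenIdentifier(context.Tenant.Id, WellKnownAliases.CurrentTenant.ReadiNowIdentityProviderInstance, account.Name);
            }

            // Update cache.
            // NOTE(review): keyed by the user name as typed by the client, whereas the test token above uses
            // account.Name - confirm the two are expected to match.
            RequestContextData contextData = Factory.IdentityProviderRequestContextCache.GetRequestContextData(ReadiNow.IO.RequestContext.TenantId, WellKnownAliases.CurrentTenant.ReadiNowIdentityProviderInstance, jsonLoginCredential.Username, true);

            ReadiNowIdentityProvider identityProvider = ReadiNow.Model.Entity.Get<ReadiNowIdentityProvider>(WellKnownAliases.CurrentTenant.ReadiNowIdentityProviderInstance);

            // An unset flag is treated as enabled; only an explicit false blocks the login.
            // NOTE(review): identityProvider itself is not null-checked - confirm Entity.Get cannot return null here.
            if (!(identityProvider.IsProviderEnabled ?? true))
            {
                throw new AuthenticationException("The identity provider is not enabled.");
            }

            contextData.Identity.IdentityProviderTypeAlias = LoginConstants.ReadiNowIdentityProviderTypeAlias;

            CookieHelper.CreateAuthenticationAndXsrfCookies(ReadiNow.IO.RequestContext.TenantId, WellKnownAliases.CurrentTenant.ReadiNowIdentityProviderInstance, jsonLoginCredential.Username, account.Id, jsonLoginCredential.Persistent);

            AuditLogInstance.Get().OnLogon(true, jsonLoginCredential.Username, userAgent);

            return new HttpResponseMessage<LoginResult>(GetSuccessfulLoginResult(contextData, account.Id), HttpStatusCode.OK);
        }
    }
    catch (Exception exc)
    {
        // The credential object itself can be null (nothing bound from the request body). Dereferencing it
        // here would throw a second exception from inside the handler, which would replace the original one
        // and skip both the failed-logon audit entry and the warning below. Read the fields null-safely.
        var attemptedUsername = jsonLoginCredential?.Username;
        var attemptedTenant = jsonLoginCredential?.Tenant;

        if (ReadiNow.IO.RequestContext.IsSet)
        {
            AuditLogInstance.Get().OnLogon(false, attemptedUsername, userAgent);
        }

        EventLog.Application.WriteWarning("Software Platform login error. Username: {0}, Tenant: {1}. {2}", attemptedUsername ?? "<null>", attemptedTenant ?? "<null>", exc.Message);

        throw; // rely on the ExceptionFilter to handle it.
    }
}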