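/// <summary>
/// Handles the OK button: looks up the subscriber for the submitted authentication key,
/// publishes a token for that subscriber, stores it in the auth cookie and, when a
/// <c>from</c> query-string value is present, sends the browser back to it.
/// </summary>
/// <remarks>
/// The <c>from</c> value is attacker-controllable (anyone can craft a link to this page),
/// so it is only followed when it points back into this site. Without that check the
/// post-login redirect is an open redirect (CWE-601).
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void OKButton_Click(object sender, EventArgs e)
{
    SubscriberTableAdapter sta = new SubscriberTableAdapter();
    // NOTE(review): the key goes straight from the text box into the adapter query; the
    // adapter is presumably a generated, parameterized query - confirm in its definition.
    DataSet.SubscriberDataTable dt = sta.GetDataByAuthKey(AuthenticationKeyTextBox.Text);
    if (dt.Count == 0)
    {
        // NOTE(review): this literal appears mis-encoded in this copy of the file; it is
        // kept byte-for-byte here. Restore it from the original source encoding.
        InvalidKeyLabel.Text = "���͂��ꂽ�F�L�[�͖����ł��B";
        return;
    }

    DataSet.SubscriberRow subscriber = dt[0];
    TokenPublisher p = new TokenPublisher(subscriber, DateTime.Now);
    DataSet.TokenRow token;
    try
    {
        token = p.Publish();
    }
    catch (DoubtfulAuthBehaviorException ex)
    {
        // The publisher flagged this issuance as suspicious: lock the subscriber out
        // and show the lockout page instead of handing out a token.
        p.LockOut();
        logger.Info(ex.Message);
        // NOTE(review): LockoutUntil is read after LockOut(); whether the row already
        // reflects the new lockout time depends on TokenPublisher - confirm.
        WebUtil.RedirectToLockout(Context, subscriber.LockoutUntil);
        return;
    }

    WebUtil.AddAuthCookie(Response, token.Body);

    string from = Request.QueryString["from"];
    if (from != null && from.Length > 0)
    {
        // Request.QueryString has already URL-decoded the value once; the second decode is
        // kept because the page that builds the link may encode twice (TODO confirm).
        // The site check must run on the final, fully decoded string.
        string target = HttpUtility.UrlDecode(from);
        if (IsSameSiteRedirectTarget(target, Request.Url))
        {
            Response.Redirect(target);
        }
        else
        {
            // The raw value is deliberately not logged: it is untrusted input.
            logger.Info("redirect target in 'from' rejected: not within this site.");
        }
    }
}

/// <summary>
/// Returns true when <paramref name="target"/> stays on this site: a rooted path
/// ("/..."), an application-relative path ("~/..."), or an absolute http/https URL whose
/// host equals the host of the current request.
/// </summary>
/// <param name="target">Fully decoded redirect target taken from the request.</param>
/// <param name="requestUrl">URL of the current request, used for the host comparison.</param>
private static bool IsSameSiteRedirectTarget(string target, Uri requestUrl)
{
    if (string.IsNullOrEmpty(target))
    {
        return false;
    }

    // Control characters (CR/LF, tab, ...) have no place in a redirect target.
    foreach (char c in target)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    if (target[0] == '/')
    {
        // "//host" and "/\host" are read by browsers as scheme-relative URLs,
        // i.e. they leave the site even though they start with a slash.
        return target.Length == 1 || (target[1] != '/' && target[1] != '\\');
    }

    if (target.Length >= 2 && target[0] == '~' && target[1] == '/')
    {
        // "~/x" followed by '/' or '\' is rejected for the same reason as above.
        return target.Length == 2 || (target[2] != '/' && target[2] != '\\');
    }

    Uri absolute;
    if (requestUrl == null || !Uri.TryCreate(target, UriKind.Absolute, out absolute))
    {
        return false;
    }

    bool isWebScheme = absolute.Scheme == Uri.UriSchemeHttp || absolute.Scheme == Uri.UriSchemeHttps;
    return isWebScheme && string.Equals(absolute.Host, requestUrl.Host, StringComparison.OrdinalIgnoreCase);
}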
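/// <summary>
/// Authenticates a request from its auth-token cookie. Requests without a cookie or with
/// an invalid token are redirected to the ask-auth page, locked-out tokens are redirected
/// to the lockout page, and an outdated token is replaced with a newly published one.
/// On success <c>context.User</c> is set to a generic principal named "user" with no roles.
/// </summary>
/// <param name="context">The current HTTP context.</param>
public override void AuthenticateRequest(HttpContext context)
{
    HttpCookie presented = context.Request.Cookies[SiteConstant.AuthTokenCookieName];
    if (presented == null)
    {
        WebUtil.RedirectToAskAuthPage(context);
        return;
    }

    string tokenBody = presented.Value;
    TokenVerifier v = new TokenVerifier(tokenBody, now);

    // NOTE(review): the log lines below append WebUtil.RequestInfo(context). Confirm that
    // it neither includes the token cookie value nor passes CR/LF from request data into
    // the log unescaped.
    if (!v.IsValid)
    {
        logger.Info("token invalid. RequestInfo: " + WebUtil.RequestInfo(context));
        WebUtil.RedirectToAskAuthPage(context);
        return;
    }

    if (v.IsLockedOut)
    {
        logger.Info("token is locked out. RequestInfo: " + WebUtil.RequestInfo(context));
        WebUtil.RedirectToLockout(context, v.Subscriber.LockoutUntil);
        return;
    }

    if (v.IsOutdated)
    {
        // Outdated but otherwise acceptable token: rotate it by publishing a new one.
        logger.Info("token is Outdated. RequestInfo: " + WebUtil.RequestInfo(context));
        TokenPublisher p = new TokenPublisher(v.Subscriber, now);
        DataSet.TokenRow t;
        try
        {
            t = p.Publish();
        }
        catch (DoubtfulAuthBehaviorException e)
        {
            // The publisher flagged the re-issue as suspicious: lock the subscriber out.
            p.LockOut();
            logger.Info(e.Message);
            // NOTE(review): LockoutUntil is read after LockOut(); whether it already holds
            // the new lockout time depends on TokenPublisher - confirm.
            WebUtil.RedirectToLockout(context, v.Subscriber.LockoutUntil);
            return;
        }
        catch (Exception ex)
        {
            // Fail closed: any other issuance failure ends the request with a 500
            // instead of letting it continue as authenticated.
            // NOTE(review): the log message literal appears mis-encoded in this copy of
            // the file; it is kept byte-for-byte here.
            logger.Error("�F�g�[�N���̔��s�Ɏ��s���܂���", ex);
            context.Response.StatusCode = (int) HttpStatusCode.InternalServerError;
            context.Response.End();
            return;
        }

        HttpCookie cookie = new HttpCookie(SiteConstant.AuthTokenCookieName, t.Body);
        cookie.Expires = DateTime.MaxValue;
        // The cookie carries the bearer token, so page script must not be able to read it.
        cookie.HttpOnly = true;
        // NOTE(review): if the site is served over HTTPS only, also mark the cookie Secure
        // (here or via the httpCookies requireSSL setting) so it is never sent in clear.
        // NOTE(review): the login page issues its cookie through WebUtil.AddAuthCookie;
        // check that both paths set the same attributes.
        context.Response.Cookies.Add(cookie);
    }

    context.User = new GenericPrincipal(new GenericIdentity("user"), null);
}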