public async static Task <AuthenticatedUser> SetAuthenticatedUserAsync(this HttpContext context, string userId)
{
AuthenticatedUser authUser = null;
// check in the sessions
if (userId != null)
{
var user = await((Directory.Users)context.Data["users"]).GetUserAsync(userId);
if (user != null)
{
authUser = new AuthenticatedUser {
user = user
}
}
;
}
context.User = (authUser != null) ? authUser.Name : null;
context.Data[AuthUserKey] = authUser;
return(authUser);
}
}
public async static Task <AuthenticatedUser> GetAuthenticatedUserAsync(this HttpContext context)
{
if (context.Data.ContainsKey(AuthUserKey))
{
return(context.Data[AuthUserKey] as AuthenticatedUser);
}
AuthenticatedUser authUser = null;
// check in the sessions
var userId = await((Sessions)context.Data["sessions"]).GetAuthenticatedUserAsync(context);
if (userId != null)
{
var user = await((Directory.Users)context.Data["users"]).GetUserAsync(userId);
if (user != null)
{
authUser = new AuthenticatedUser {
user = user
}
}
;
}
// check for HTTP Basic authorization
if ((authUser == null) && (context.Request.Headers.ContainsKey("authorization")))
{
var parts = context.Request.Headers["authorization"].Split(new char[] { ' ' }, 2, StringSplitOptions.RemoveEmptyEntries);
if (parts[0].ToLowerInvariant() == "basic")
{
var authorization = Encoding.UTF8.GetString(Convert.FromBase64String(parts[1]));
var pos = authorization.IndexOf(':');
if (pos != -1)
{
var login = authorization.Substring(0, pos);
var password = authorization.Substring(pos + 1);
// check in the applications
var app = await((Applications)context.Data["applications"]).CheckPasswordAsync(login, password);
if (app != null)
{
authUser = new AuthenticatedUser {
application = app
}
}
;
// check in the users
if (authUser == null)
{
userId = await((Users)context.Data["users"]).RateLimitedCheckPasswordAsync(context, login, password);
if (userId != null)
{
var user = await((Users)context.Data["users"]).GetUserAsync(userId);
if (user != null)
{
authUser = new AuthenticatedUser {
user = user
}
}
;
}
}
}
}
}
// check for Query string authentication
if ((authUser == null) && context.Request.QueryString.ContainsKey("app_id") &&
context.Request.QueryString.ContainsKey("app_key"))
{
var login = context.Request.QueryString["app_id"];
var password = context.Request.QueryString["app_key"];
// check in the applications
var app = await((Applications)context.Data["applications"]).CheckPasswordAsync(login, password);
if (app != null)
{
authUser = new AuthenticatedUser {
application = app
}
}
;
}
context.User = (authUser != null) ? authUser.Name : null;
context.Data[AuthUserKey] = authUser;
return(authUser);
}
