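/// <summary>
/// Inspects the environment and checks to see if this is a POST containing the HTML form fields in the login.html page.
/// </summary>
/// <remarks>
/// When the request is a form-urlencoded POST and both <c>login_username</c> and <c>login_password</c>
/// are non-empty, the values are copied into the environment under <c>formsauthn.username</c>,
/// <c>formsauthn.password</c> and <c>formsauthn.remember</c>. The password is stored there in clear
/// text, so any component that logs or dumps the environment dictionary will expose it.
/// </remarks>
/// <param name="environment">The OWIN environment dictionary of the current request; must not be null.</param>
/// <param name="formsAuthenticationProvider">The provider kept on this context; it is not invoked by the constructor.</param>
/// <exception cref="ArgumentNullException"><paramref name="environment"/> is null.</exception>
public LoginContext(IDictionary<string, object> environment, FormsAuthenticationProvider formsAuthenticationProvider)
{
    // Fail with a named argument instead of a NullReferenceException further down.
    if (environment == null)
    {
        throw new ArgumentNullException("environment");
    }

    _environment = environment;
    Request = new OwinRequest(environment);
    Response = new OwinResponse(environment);
    _formsAuthenticationProvider = formsAuthenticationProvider;
    _responseStream = Response.Body;

    var requestContentType = Request.GetHeader("Content-Type");

    // Media types are case-insensitive and must not be matched with culture-sensitive rules,
    // so the comparison is ordinal and ignores case. It is a prefix match so that parameters
    // such as "; charset=UTF-8" after the media type are still accepted.
    _isFormUrlEncodedPost = Request.Method == "POST"
        && !string.IsNullOrEmpty(requestContentType)
        && requestContentType.StartsWith("application/x-www-form-urlencoded", StringComparison.OrdinalIgnoreCase);

    if (_isFormUrlEncodedPost && Request.Body != null)
    {
        // NOTE(review): .Result blocks the calling thread until the form body has been read.
        // A constructor cannot await; consider moving the read into an async factory method.
        _formData = Request.ReadForm().Result;

        var username = _formData["login_username"];
        var password = _formData["login_password"];
        var rememberMe = _formData["remember_me"] != null && _formData["remember_me"] == "yes";

        // Credentials are only published when both fields are present; a partial
        // submission leaves the environment untouched.
        if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
        {
            environment["formsauthn.username"] = username;
            // Clear-text secret: keep this key out of logs and diagnostic dumps, and
            // consider removing it from the environment once validation has run.
            environment["formsauthn.password"] = password;
            environment["formsauthn.remember"] = rememberMe;
        }
    }
}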
/// <summary>
/// Adds <see cref="LoginFormMiddleware"/> to the pipeline, handing it the given provider as its constructor argument.
/// </summary>
/// <param name="builder">The application builder to extend; must not be null.</param>
/// <param name="formsAuthenticationProvider">
/// The provider passed through to the middleware. It is not validated here.
/// </param>
/// <returns>The value returned by <c>builder.Use</c>, so that calls can be chained.</returns>
/// <exception cref="ArgumentNullException"><paramref name="builder"/> is null.</exception>
public static IAppBuilder UseProcessLoginPostback(this IAppBuilder builder, FormsAuthenticationProvider formsAuthenticationProvider)
{
    if (builder != null)
    {
        return builder.Use(typeof(LoginFormMiddleware), formsAuthenticationProvider);
    }

    throw new ArgumentNullException("builder");
}
/// <summary>
/// Creates the login-form middleware and stores the next pipeline delegate and the authentication provider.
/// </summary>
/// <param name="next">The next application delegate in the pipeline; must not be null.</param>
/// <param name="formsAuthenticationProvider">The forms authentication provider; must not be null.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="next"/> or <paramref name="formsAuthenticationProvider"/> is null.
/// </exception>
public LoginFormMiddleware(Func<IDictionary<string, object>, Task> next, FormsAuthenticationProvider formsAuthenticationProvider)
{
    // Arguments are checked in declaration order, so the first missing one is the one reported.
    string missingArgument = next == null
        ? "next"
        : (formsAuthenticationProvider == null ? "formsAuthenticationProvider" : null);

    if (missingArgument != null)
    {
        throw new ArgumentNullException(missingArgument);
    }

    _formsAuthenticationProvider = formsAuthenticationProvider;
    _next = next;
}
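/// <summary>
/// Builds the OWIN pipeline: forms authentication with a console-logging validation callback,
/// default files, an error page, the login postback handler plus static files under
/// <c>/login</c>, and static files from the current directory for everything else behind
/// <c>UseDenyAnonymous</c>.
/// </summary>
/// <param name="builder">The application builder the middleware is registered on.</param>
public void Configuration(IAppBuilder builder)
{
    var rootDirectory = Environment.CurrentDirectory;
    var loginDirectory = Path.Combine(rootDirectory, "login");

    var fs = new PhysicalFileSystem(rootDirectory);
    var loginFs = new PhysicalFileSystem(loginDirectory);

    var dfo = new DefaultFilesOptions();
    dfo.DefaultFileNames.Add("index.html");
    dfo.FileSystem = fs;

    var sfo = new StaticFileOptions { FileSystem = fs };
    var loginSfo = new StaticFileOptions { FileSystem = loginFs };

    builder.SetDataProtectionProvider(new DpapiDataProtectionProvider());

    var formsAuthenticationProvider = new FormsAuthenticationProvider();
    formsAuthenticationProvider.OnValidateLogin = context =>
    {
        Console.WriteLine("Validating Login");
        Console.WriteLine("================");
        Console.WriteLine(" Context.AuthType: " + context.AuthenticationType);
        Console.WriteLine(" Context.Identity: " + (context.Identity != null ? context.Identity.Name : "Not set"));
        Console.WriteLine(" Context.Environment:");

        var response = new OwinResponse(context.Environment);

        if (LoginContext.GetIsLoginRequest(context.Environment))
        {
            // Need to retrieve username and password from environment b/c it doesn't
            // come through in the context (even though the context constructor accepts them)
            var username = context.Environment["formsauthn.username"].ToString();
            var password = context.Environment["formsauthn.password"].ToString();
            var remember = bool.Parse(context.Environment["formsauthn.remember"].ToString());

            // The submitted password is never written to the console: console output ends up in
            // terminals, service logs and captures that are not protected like a credential store.
            // The username is caller-supplied text, so treat the log line as untrusted content.
            Console.WriteLine(" Request.Username: " + username);
            Console.WriteLine(" Request.Password: [redacted]");
            Console.WriteLine(" Request.Remember: " + remember);

            // Placeholder check for this sample only: anyone who submits the same value in both
            // fields is signed in. Replace it with verification against a real credential store
            // (salted, slow password hash) before this handles real accounts.
            if (username == password)
            {
                var identity = new ClaimsIdentity(
                    new GenericIdentity(username, context.AuthenticationType),
                    new[]
                    {
                        new Claim(ClaimTypes.IsPersistent, remember.ToString())
                    }
                );

                // I assumed that this would take care of populating the cookie for me... but not so much.
                context.Signin(identity);

                var msg = "Access granted.";
                Console.WriteLine(msg);
                var msgBytes = Encoding.UTF8.GetBytes(msg);
                return response.Body.WriteAsync(msgBytes, 0, msgBytes.Length);
            }
            else
            {
                var msg = "Access denied. Try with username=password";
                Console.WriteLine(msg);
                var msgBytes = Encoding.UTF8.GetBytes(msg);
                return response.Body.WriteAsync(msgBytes, 0, msgBytes.Length);
            }
        }
        else
        {
            // Diagnostic dump: string values are printed verbatim, other values by type name.
            // NOTE(review): if a credential key such as "formsauthn.password" can ever be present
            // on this path it would be printed in clear text - confirm against GetIsLoginRequest.
            foreach (var item in context.Environment)
            {
                Console.WriteLine(" {0}={1}",
                    item.Key,
                    item.Value != null
                        ? (item.Value is string ? (string) item.Value : item.Value.GetType().FullName)
                        : "Not set"
                );
            }
        }

        // Nothing to report for non-login requests: complete with an empty write.
        return response.Body.WriteAsync(new byte[] { }, 0, 0);
    };

    builder.UseFormsAuthentication(
        new FormsAuthenticationOptions
        {
            // HttpOnly keeps the authentication cookie out of reach of page script.
            CookieHttpOnly = true,
            CookieName = "AuthCookie",
            CookiePath = "/",
            // With CookieSecure off the authentication cookie is also sent over plain HTTP,
            // where it can be read in transit. Turn it on whenever the site is served over HTTPS.
            CookieSecure = false,
            LoginPath = "/login/",
            ExpireTimeSpan = TimeSpan.FromHours(1),
            ReturnUrlParameter = "returnUrl",
            SlidingExpiration = true,
            Provider = formsAuthenticationProvider
        }
    );
    builder.UseApplicationSignInCookie();

    builder.UseDefaultFiles(dfo);
    // NOTE(review): presumably a diagnostics error page - confirm it is not enabled in
    // production, where exception details should not be shown to clients.
    builder.UseErrorPage();

    // The login branch is mapped before UseDenyAnonymous so the login page and its
    // postback stay reachable for unauthenticated users.
    builder.MapPath("/login", loginBuilder => loginBuilder.UseProcessLoginPostback(formsAuthenticationProvider).UseStaticFiles(loginSfo));
    builder.UseDenyAnonymous().UseStaticFiles(sfo);
}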