/// <summary>
/// Creates and persists a new session for the customer whose username equals <paramref name="owner"/>.
/// </summary>
/// <remarks>
/// No password or other credential is checked in this method; the session is issued on the
/// username alone. NOTE(review): callers are presumably expected to have authenticated the
/// owner already. Confirm this at every call site, because the returned session ID is accepted
/// by the session-ID overload of Authenticate as proof of identity.
/// </remarks>
/// <param name="owner">Username used to look up the customer.</param>
/// <returns>The newly stored session, or null when no customer matches.</returns>
/// <exception cref="ApplicationException">The customer's email address is unconfirmed or the account is suspended.</exception>
public CustomerSession CreateSwitchboardSession(string owner)
{
    Customer account = m_customerPersistor.Get(c => c.CustomerUsername == owner);

    if (account == null)
    {
        // owner is concatenated into the log line as received.
        // NOTE(review): if owner can carry CR/LF, the log sink should encode it - confirm.
        logger.Debug("CreateSwitchboardSession failed for " + owner + ".");
        return null;
    }

    if (!account.EmailAddressConfirmed)
    {
        throw new ApplicationException("Your email address has not yet been confirmed.");
    }

    if (account.Suspended)
    {
        throw new ApplicationException("Your account is suspended.");
    }

    logger.Debug("CreateSwitchboardSession successful for " + owner + ".");

    // The session ID comes from the project's Crypto helper.
    // NOTE(review): presumably a cryptographically strong source - verify in Crypto.GetRandomByteString.
    string token = Crypto.GetRandomByteString(SESSION_ID_STRING_LENGTH / 2);

    // The fourth constructor argument is null: no client address is recorded for this session.
    CustomerSession session = new CustomerSession(Guid.NewGuid(), token, account.CustomerUsername, null);
    m_customerSessionPersistor.Add(session);
    return session;
}
/// <summary>
/// Validates a session ID and returns the matching live session.
/// </summary>
/// <remarks>
/// Only sessions not already flagged Expired are considered. A session whose age in whole
/// minutes exceeds either its own TimeLimitMinutes or CustomerSession.MAX_SESSION_LIFETIME_MINUTES
/// is flagged Expired, persisted, and rejected.
/// </remarks>
/// <param name="sessionId">Session ID presented by the client.</param>
/// <returns>The session when it is still valid; otherwise null.</returns>
public CustomerSession Authenticate(string sessionId)
{
    try
    {
        CustomerSession session = m_customerSessionPersistor.Get(s => s.SessionID == sessionId && !s.Expired);

        if (session == null)
        {
            // The rejected value is written to the log verbatim. Because the lookup excludes
            // expired sessions, it may be a previously valid ID.
            // NOTE(review): consider logging a truncated or hashed form, and make sure the
            // log sink encodes client-supplied text.
            logger.Warn("Authentication token invalid for " + sessionId + ".");
            return null;
        }

        // Age is truncated to whole minutes before being compared with the limits.
        int ageMinutes = (int)DateTimeOffset.UtcNow.Subtract(session.Inserted).TotalMinutes;
        bool lapsed = ageMinutes > session.TimeLimitMinutes || ageMinutes > CustomerSession.MAX_SESSION_LIFETIME_MINUTES;

        if (!lapsed)
        {
            return session;
        }

        // Persist the expiry so the !s.Expired filter rejects this ID on later lookups.
        session.Expired = true;
        m_customerSessionPersistor.Update(session);
        return null;
    }
    catch (Exception excp)
    {
        // Only the message is logged; the exception itself is rethrown with its stack intact.
        logger.Error("Exception Authenticate CustomerSessionManager. " + excp.Message);
        throw;
    }
}
/// <summary>
/// Checks a username and password and, on success, creates and persists a new session
/// that records <paramref name="ipAddress"/>.
/// </summary>
/// <remarks>
/// The unconfirmed-email and suspended checks run only after the password has matched,
/// so those two messages are not shown to a caller who lacks the password.
/// NOTE(review): no attempt throttling or lockout is visible in this method - confirm it is
/// enforced by the caller.
/// </remarks>
/// <param name="username">Username supplied by the client.</param>
/// <param name="password">Password supplied by the client.</param>
/// <param name="ipAddress">Client address; logged and passed to the session constructor.</param>
/// <returns>The new session, or null when a credential is blank or does not match.</returns>
/// <exception cref="ApplicationException">Credentials matched but the email is unconfirmed or the account is suspended.</exception>
public CustomerSession Authenticate(string username, string password, string ipAddress)
{
    try
    {
        if (username.IsNullOrBlank() || password.IsNullOrBlank())
        {
            logger.Debug("Login failed, either username or password was not specified.");
            return null;
        }

        // username and ipAddress are concatenated into the log line as received.
        // NOTE(review): confirm the log sink encodes client-supplied text.
        logger.Debug("CustomerSessionManager authenticate requested for username " + username + " from " + ipAddress + ".");

        // Don't do the password check via the database as different ones have different string case matching.
        Customer account = m_customerPersistor.Get(c => c.CustomerUsername == username);

        // NOTE(review): the stored and computed hashes are compared with ==, which is not a
        // constant-time comparison, and no hash is computed when the username is unknown, so
        // response time may differ between known and unknown usernames. Consider a fixed-time
        // comparison and a dummy hash on the not-found path.
        bool credentialsMatch = account != null && PasswordHash.Hash(password, account.Salt) == account.CustomerPassword;

        if (!credentialsMatch)
        {
            logger.Debug("Login failed for " + username + ".");
            return null;
        }

        if (!account.EmailAddressConfirmed)
        {
            throw new ApplicationException("Your email address has not yet been confirmed.");
        }

        if (account.Suspended)
        {
            throw new ApplicationException("Your account is suspended.");
        }

        logger.Debug("Login successful for " + username + ".");

        // NOTE(review): presumably a cryptographically strong source - verify in Crypto.GetRandomByteString.
        string token = Crypto.GetRandomByteString(SESSION_ID_STRING_LENGTH / 2);

        // The session is keyed to the stored username, not the text the client typed.
        CustomerSession session = new CustomerSession(Guid.NewGuid(), token, account.CustomerUsername, ipAddress);
        m_customerSessionPersistor.Add(session);
        return session;
    }
    catch (Exception excp)
    {
        // The ApplicationExceptions thrown above also pass through here and are logged before the rethrow.
        logger.Error("Exception Authenticate CustomerSessionManager. " + excp.Message);
        throw;
    }
}
/// <summary>
/// Flags the session with the given ID as expired and persists the change.
/// </summary>
/// <remarks>
/// An unknown session ID is ignored without error. The lookup does not filter on the
/// Expired flag, so an already-expired session is simply flagged and updated again.
/// </remarks>
/// <param name="sessionId">ID of the session to invalidate.</param>
public void ExpireToken(string sessionId)
{
    try
    {
        CustomerSession session = m_customerSessionPersistor.Get(s => s.SessionID == sessionId);

        if (session == null)
        {
            return;
        }

        session.Expired = true;
        m_customerSessionPersistor.Update(session);
    }
    catch (Exception excp)
    {
        // Only the message is logged; the exception is rethrown unchanged.
        logger.Error("Exception ExpireToken CustomerSessionManager. " + excp.Message);
        throw;
    }
}
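/// <summary>
/// Raises the time limit of the session identified by <paramref name="sessionId"/> by
/// <paramref name="minutes"/>, capped at <c>CustomerSession.MAX_SESSION_LIFETIME_MINUTES</c>.
/// </summary>
/// <remarks>
/// The lookup does not filter on the Expired flag and this method does not clear it.
/// </remarks>
/// <param name="sessionId">ID of the session to extend.</param>
/// <param name="minutes">
/// Minutes to add. Non-positive values are not rejected here.
/// NOTE(review): confirm that callers validate this when it comes from a client.
/// </param>
/// <exception cref="ApplicationException">
/// The session does not exist, or its time limit is already at or above the cap.
/// </exception>
public void ExtendSession(string sessionId, int minutes)
{
    try
    {
        CustomerSession customerSession = m_customerSessionPersistor.Get(s => s.SessionID == sessionId);

        if (customerSession == null)
        {
            throw new ApplicationException("The session ID that was requested to extend does not exist.");
        }

        if (customerSession.TimeLimitMinutes >= CustomerSession.MAX_SESSION_LIFETIME_MINUTES)
        {
            throw new ApplicationException("The session lifetime cannot be extended beyond " + CustomerSession.MAX_SESSION_LIFETIME_MINUTES + " minutes.");
        }

        // Compare the request with the remaining headroom instead of adding first.
        // "TimeLimitMinutes + minutes" can wrap negative in unchecked integer arithmetic
        // when minutes is very large. The wrapped sum would pass the cap test and store a
        // negative time limit, expiring the session instead of clamping it to the cap.
        // The headroom is positive here because the limit was just checked to be below the cap.
        if (minutes > CustomerSession.MAX_SESSION_LIFETIME_MINUTES - customerSession.TimeLimitMinutes)
        {
            customerSession.TimeLimitMinutes = CustomerSession.MAX_SESSION_LIFETIME_MINUTES;
        }
        else
        {
            customerSession.TimeLimitMinutes += minutes;
        }

        m_customerSessionPersistor.Update(customerSession);
    }
    catch (Exception excp)
    {
        // The ApplicationExceptions thrown above also pass through here and are logged before the rethrow.
        logger.Error("Exception ExtendSession. " + excp.Message);
        throw;
    }
}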
/// <summary>
/// Issues and stores a session for the customer whose username equals <paramref name="owner"/>.
/// </summary>
/// <remarks>
/// The username is the only input; no password or other credential is verified here.
/// NOTE(review): presumably the caller has already established that the request is
/// entitled to act as this owner - confirm at each call site.
/// </remarks>
/// <param name="owner">Username used to look up the customer.</param>
/// <returns>The stored session, or null when the username matches no customer.</returns>
/// <exception cref="ApplicationException">The email address is unconfirmed or the account is suspended.</exception>
public CustomerSession CreateSwitchboardSession(string owner)
{
    Customer account = m_customerPersistor.Get(c => c.CustomerUsername == owner);

    if (account == null)
    {
        // owner reaches the log unmodified.
        // NOTE(review): confirm the log sink encodes caller-supplied text.
        logger.Debug("CreateSwitchboardSession failed for " + owner + ".");
        return null;
    }

    if (!account.EmailAddressConfirmed)
    {
        throw new ApplicationException("Your email address has not yet been confirmed.");
    }

    if (account.Suspended)
    {
        throw new ApplicationException("Your account is suspended.");
    }

    logger.Debug("CreateSwitchboardSession successful for " + owner + ".");

    // NOTE(review): presumably a cryptographically strong source - verify in Crypto.GetRandomByteString.
    string token = Crypto.GetRandomByteString(SESSION_ID_STRING_LENGTH / 2);

    // null is passed as the fourth constructor argument, so no client address is stored.
    CustomerSession session = new CustomerSession(Guid.NewGuid(), token, account.CustomerUsername, null);
    m_customerSessionPersistor.Add(session);
    return session;
}
/// <summary>
/// Verifies a username and password and, when they match, creates and persists a session
/// carrying <paramref name="ipAddress"/>.
/// </summary>
/// <remarks>
/// Account-state errors (unconfirmed email, suspension) are raised only after the password
/// has matched. NOTE(review): rate limiting and lockout are not visible in this method -
/// confirm they are applied upstream.
/// </remarks>
/// <param name="username">Username supplied by the client.</param>
/// <param name="password">Password supplied by the client.</param>
/// <param name="ipAddress">Client address; logged and passed to the session constructor.</param>
/// <returns>The new session, or null when a credential is blank or does not match.</returns>
/// <exception cref="ApplicationException">Credentials matched but the email is unconfirmed or the account is suspended.</exception>
public CustomerSession Authenticate(string username, string password, string ipAddress)
{
    try
    {
        if (username.IsNullOrBlank() || password.IsNullOrBlank())
        {
            logger.Debug("Login failed, either username or password was not specified.");
            return null;
        }

        // Client-supplied values are concatenated into the log line as received.
        // NOTE(review): confirm the log sink encodes them.
        logger.Debug("CustomerSessionManager authenticate requested for username " + username + " from " + ipAddress + ".");

        // Don't do the password check via the database as different ones have different string case matching.
        Customer account = m_customerPersistor.Get(c => c.CustomerUsername == username);

        // NOTE(review): == on the hash values is not a constant-time comparison, and the hash
        // is skipped when no account is found, so timing may reveal whether a username exists.
        // Consider a fixed-time comparison and a dummy hash on the not-found path.
        bool credentialsMatch = account != null && PasswordHash.Hash(password, account.Salt) == account.CustomerPassword;

        if (!credentialsMatch)
        {
            logger.Debug("Login failed for " + username + ".");
            return null;
        }

        if (!account.EmailAddressConfirmed)
        {
            throw new ApplicationException("Your email address has not yet been confirmed.");
        }

        if (account.Suspended)
        {
            throw new ApplicationException("Your account is suspended.");
        }

        logger.Debug("Login successful for " + username + ".");

        // NOTE(review): presumably a cryptographically strong source - verify in Crypto.GetRandomByteString.
        string token = Crypto.GetRandomByteString(SESSION_ID_STRING_LENGTH / 2);

        // The stored username, not the submitted text, is bound to the session.
        CustomerSession session = new CustomerSession(Guid.NewGuid(), token, account.CustomerUsername, ipAddress);
        m_customerSessionPersistor.Add(session);
        return session;
    }
    catch (Exception excp)
    {
        // The ApplicationExceptions thrown above are also logged here before being rethrown.
        logger.Error("Exception Authenticate CustomerSessionManager. " + excp.Message);
        throw;
    }
}