コード例 #1
0
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            if (AuthorizeCore(filterContext.HttpContext))
            {
                VauctionPrincipal principal = (filterContext.HttpContext.User as VauctionPrincipal);
                if (principal == null)
                {
                    LogOutUser(filterContext); return;
                }
                VauctionIdentity identity = principal.UIdentity;

                var user = filterContext.HttpContext.Session[SessionKeys.User] as SessionUser;
                if (user == null || (string.Compare(user.IP, filterContext.HttpContext.Request.UserHostAddress, true) != 0 && user.IsBuyer))
                {
                    LogOutUser(filterContext); return;
                }

                bool isNeedToCheckStatus = principal.IsNeedToCheckStatus(statusCheckTime);
                if (isNeedToCheckStatus)
                {
                    User usr = ProjectConfig.Config.DataProvider.GetInstance().UserRepository.GetUserAdministrator(identity.ID, identity.Name);
                    if (usr != null && user.Status != (byte)Consts.UserStatus.Active)
                    {
                        IFormsAuthenticationService formsService = new FormsAuthenticationService();
                        formsService.SignIn(usr.Login, identity.RememberMe, usr);
                    }
                    else
                    {
                        LogOutUser(filterContext);
                        return;
                    }
                }

                if (!String.IsNullOrEmpty(Roles))
                {
                    string[] roles = Roles.Split(',');
                    bool     res   = false;
                    foreach (string role in roles)
                    {
                        if (res = (role.Equals(((Consts.UserTypes)user.UserType).ToString(), StringComparison.InvariantCulture)))
                        {
                            break;
                        }
                    }
                    if (!res)
                    {
                        filterContext.HttpContext.Response.Redirect("/Home/AccessDenyed");
                    }
                }
            }
            else if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                NotAuthorized(filterContext);
            }
        }
コード例 #2
0
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            if (filterContext.HttpContext.Session == null || filterContext.IsChildAction)
            {
                return;
            }

            var user = AppHelper.CurrentUser;

            if (user != null && !filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                filterContext.HttpContext.Session.Abandon();
                return;
            }

            if (user != null && filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                var principal = (filterContext.HttpContext.User as VauctionPrincipal);
                if (principal == null) /*LogOutUser(filterContext);*/ return {
                    ;
                }
                VauctionIdentity identity = principal.UIdentity;
                if (identity.ID != user.ID)
                {
                    Logger.LogInfo(String.Format("[SESSION-ERROR][CHECK]: Type:Mixed | SessionID:{0} | User_ID:{1} | CrossedUser_ID: {2}", HttpContext.Current.Session.SessionID, identity.ID, user.ID));
                    LogOutUser(filterContext);
                }
            }
コード例 #3
0
 public VauctionPrincipal(VauctionIdentity _identity)
 {
     identity = _identity;
 }
コード例 #4
0
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            if (AuthorizeCore(filterContext.HttpContext))
            {
                VauctionPrincipal principal = (filterContext.HttpContext.User as VauctionPrincipal);
                if (principal == null)
                {
                    LogOutUser(filterContext); return;
                }
                VauctionIdentity identity = principal.UIdentity;

                var user = AppHelper.CurrentUser;
                if (user == null)
                {
                    LogOutUser(filterContext); return;
                }

                //#region added 2013-03-15 -> cross session check
                //VauctionIdentity videntity = principal.UIdentity;
                //if (videntity.ID != user.ID)
                //{
                //  Logger.LogInfo(String.Format("[SESSION-ERROR]: SessionID:{0} | CurrentUser:{1} | CrossedUser: {2} | IP: {3} | Local IP: {4}\n\t\t\tUser Agent: {5}", HttpContext.Current.Session.SessionID, videntity.ID, user.ID, Consts.UsersIPAddress, HttpContext.Current.Request.ServerVariables["LOCAL_ADDR"], HttpContext.Current.Request.UserAgent));
                //  LogOutUser(filterContext); return;
                //}
                //#endregion

                bool isNeedToCheckStatus = principal.IsNeedToCheckStatus(statusCheckTime);
                if (isNeedToCheckStatus)
                {
                    User usr = ProjectConfig.Config.DataProvider.GetInstance().UserRepository.GetUserActiveAndApproved(identity.ID, identity.Name);
                    if (usr != null && user.Status != (byte)Consts.UserStatus.Active)
                    {
                        //IFormsAuthenticationService formsService = new FormsAuthenticationService();
                        //formsService.SignIn(identity.Name, identity.RememberMe, usr);
                    }
                    else
                    {
                        LogOutUser(filterContext);
                        return;
                    }
                }

                bool isbackend = false;
                if (!String.IsNullOrEmpty(IsBackendUser) && Boolean.TryParse(IsBackendUser, out isbackend) && isbackend && !user.IsAdminType)
                {
                    LogOutUser(filterContext);
                    return;
                }

                if (!String.IsNullOrEmpty(Roles))
                {
                    string[] roles = Roles.Split(',');
                    bool     res   = false;
                    foreach (string role in roles)
                    {
                        if (res = (role.Equals(((Consts.UserTypes)user.UserType).ToString(), StringComparison.InvariantCulture)))
                        {
                            break;
                        }
                    }
                    if (!res)
                    {
                        NotAuthorized(filterContext);
                    }
                }
            }
            else if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
            {
                NotAuthorized(filterContext);
            }
        }
コード例 #5
0
 public VauctionPrincipal(VauctionIdentity _identity)
 {
     identity = _identity;
 }