/// <summary>
/// Builds an authentication cookie for a login/password pair.
/// </summary>
/// <param name="tenantId">Tenant in which the user is looked up.</param>
/// <param name="login">Login passed to the user lookup and stored in the cookie.</param>
/// <param name="password">Clear-text password; only its Base64-encoded SHA-256 hash is used below.</param>
/// <returns>The encrypted cookie, or <c>null</c> when no user matches the login and hash.</returns>
public string CreateAuthenticationCookie(int tenantId, string login, string password)
{
    // NOTE(review): a single SHA-256 pass is a fast hash. Whether Hasher adds a salt
    // or a work factor is not visible here; confirm before relying on it as a password verifier.
    var hashedPassword = Hasher.Base64Hash(password, HashAlg.SHA256);

    var matchedUser = userService.GetUser(tenantId, login, hashedPassword);
    if (matchedUser == null)
    {
        return null;
    }

    // The password hash is placed in the cookie payload, so its confidentiality
    // rests entirely on what EncryptCookie does with it.
    return CookieStorage.EncryptCookie(tenantId, matchedUser.ID, login, hashedPassword);
}
/// <summary>
/// Round-trip test: every field passed to EncryptCookie must come back unchanged from DecryptCookie.
/// </summary>
public void Validate()
{
    // Values fed into the cookie.
    var tenantIn = 1;
    var userIdIn = Guid.NewGuid();
    var loginIn = "l1";
    var passwordIn = "p1";
    var tenantIndexIn = 1;
    var expiresIn = DateTime.UtcNow;
    var userIndexIn = 1;

    var cookie = CookieStorage.EncryptCookie(
        tenantIn, userIdIn, loginIn, passwordIn, tenantIndexIn, expiresIn, userIndexIn);

    // Values read back out of the cookie.
    int tenantOut;
    Guid userIdOut;
    string loginOut;
    string passwordOut;
    int tenantIndexOut;
    DateTime expiresOut;
    int userIndexOut;
    CookieStorage.DecryptCookie(
        cookie,
        out tenantOut,
        out userIdOut,
        out loginOut,
        out passwordOut,
        out tenantIndexOut,
        out expiresOut,
        out userIndexOut);

    // NOTE(review): only the happy path is covered; a modified or truncated cookie
    // is never passed to DecryptCookie, so rejection of tampered input is untested here.
    Assert.AreEqual(tenantIn, tenantOut);
    Assert.AreEqual(userIdIn, userIdOut);
    Assert.AreEqual(loginIn, loginOut);
    Assert.AreEqual(passwordIn, passwordOut);
    Assert.AreEqual(tenantIndexIn, tenantIndexOut);
    Assert.AreEqual(expiresIn, expiresOut);
    Assert.AreEqual(userIndexIn, userIndexOut);
}
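/// <summary>
/// Builds an authentication cookie for a user identified by id.
/// </summary>
/// <param name="tenantId">Tenant in which the user is looked up.</param>
/// <param name="userId">Id of the user the cookie is issued for.</param>
/// <returns>The encrypted cookie, or <c>null</c> when the user does not exist.</returns>
public string CreateAuthenticationCookie(int tenantId, Guid userId)
{
    var user = userService.GetUser(tenantId, userId);
    if (user == null)
    {
        // Bail out before touching the password store: the original fetched and hashed
        // the password of a user that might not exist and only then checked for null.
        return null;
    }

    // NOTE(review): the value returned by GetUserPassword is hashed here, which suggests
    // the store hands back something other than this hash; confirm how passwords are persisted.
    var storedPassword = userService.GetUserPassword(tenantId, userId);
    var hashedPassword = Hasher.Base64Hash(storedPassword, HashAlg.SHA256);

    return CookieStorage.EncryptCookie(tenantId, userId, user.Email, hashedPassword);
}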
/// <summary>
/// Builds the encrypted cookie from already-resolved credentials plus the tenant and user cookie settings.
/// </summary>
/// <param name="tenantId">Tenant whose cookie settings are loaded.</param>
/// <param name="userId">User whose cookie settings are loaded and whose id goes into the cookie.</param>
/// <param name="login">Login stored in the cookie.</param>
/// <param name="passwordhash">Password hash stored in the cookie.</param>
/// <returns>The encrypted cookie string.</returns>
private string CreateAuthenticationCookie(int tenantId, Guid userId, string login, string passwordhash)
{
    var tenantCookieSettings = settingsManager.LoadSettingsFor<TenantCookieSettings>(tenantId, Guid.Empty);

    // With default tenant settings the cookie lives for one year; otherwise
    // LifeTime is interpreted as a number of minutes.
    DateTime expires;
    if (tenantCookieSettings.IsDefault())
    {
        expires = DateTime.UtcNow.AddYears(1);
    }
    else
    {
        expires = DateTime.UtcNow.AddMinutes(tenantCookieSettings.LifeTime);
    }

    var userCookieSettings = settingsManager.LoadSettingsFor<TenantCookieSettings>(tenantId, userId);

    // NOTE(review): the two Index values are presumably counters checked at validation time
    // so that earlier cookies can be invalidated. Confirm against DecryptCookie's callers.
    return CookieStorage.EncryptCookie(
        tenantId,
        userId,
        login,
        passwordhash,
        tenantCookieSettings.Index,
        expires,
        userCookieSettings.Index);
}
/// <summary>
/// Changes a user's password and, when that user is the current account, issues a fresh cookie.
/// </summary>
/// <param name="userID">User whose password is changed.</param>
/// <param name="password">New password, forwarded unchanged to the authentication service.</param>
/// <returns>A new encrypted cookie if <paramref name="userID"/> is the current account; otherwise <c>null</c>.</returns>
public static string SetUserPassword(Guid userID, string password)
{
    CoreContext.Authentication.SetUserPassword(userID, password);

    if (CurrentAccount.ID != userID)
    {
        // Another user's password was changed: the caller's own cookie stays as it is.
        return null;
    }

    // NOTE(review): whether cookies issued before the password change stop validating
    // depends on the validation side, which is not visible here. Confirm.
    var currentTenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
    return CookieStorage.EncryptCookie(currentTenantId, userID, null, null);
}
/// <summary>
/// Installs <paramref name="account"/> as the current principal and, for user accounts,
/// returns an authentication cookie.
/// </summary>
/// <param name="account">Account to authenticate; must be neither <c>null</c> nor the guest account.</param>
/// <returns>The encrypted cookie for a user account, or <c>null</c> for any other account type.</returns>
/// <exception cref="InvalidCredentialException">The account is null or guest, or it resolves to the lost-user placeholder.</exception>
/// <exception cref="SecurityException">The user is not active, or the user's Sid starts with "l".</exception>
/// <exception cref="BillingException">The user has a Sid but the tenant quota does not include LDAP.</exception>
public static string AuthenticateMe(IAccount account)
{
    if (account == null || account.Equals(Configuration.Constants.Guest))
    {
        throw new InvalidCredentialException("account");
    }

    string authCookie = null;
    var grantedRoles = new List<string> { Role.Everyone };

    // The System role is granted only to the core system account itself.
    if (account is ISystemAccount && account.ID == Configuration.Constants.CoreSystem.ID)
    {
        grantedRoles.Add(Role.System);
    }

    if (account is IUserAccount)
    {
        var user = CoreContext.UserManager.GetUsers(account.ID);

        // An unknown id comes back as the LostUser placeholder rather than null.
        if (user.ID == Users.Constants.LostUser.ID)
        {
            throw new InvalidCredentialException("Invalid username or password.");
        }

        if (user.Status != EmployeeStatus.Active)
        {
            throw new SecurityException("Account disabled.");
        }

        // For LDAP users only.
        if (user.Sid != null)
        {
            // NOTE(review): the "l" prefix presumably marks an entry left over from
            // previous LDAP settings. Confirm where this prefix is written.
            if (user.Sid.StartsWith("l"))
            {
                throw new SecurityException("LDAP settings were changed.");
            }

            if (!CoreContext.TenantManager.GetTenantQuota(CoreContext.TenantManager.GetCurrentTenant().TenantId).Ldap)
            {
                throw new BillingException("Your tariff plan does not support this option.", "Ldap");
            }
        }

        var isAdministrator = CoreContext.UserManager.IsUserInGroup(user.ID, Users.Constants.GroupAdmin.ID);
        if (isAdministrator)
        {
            grantedRoles.Add(Role.Administrators);
        }

        grantedRoles.Add(Role.Users);

        // Replace the caller-supplied account with one rebuilt from the stored user record.
        account = new UserAccount(user, CoreContext.TenantManager.GetCurrentTenant().TenantId);
        authCookie = CookieStorage.EncryptCookie(CoreContext.TenantManager.GetCurrentTenant().TenantId, account.ID, null, null);
    }

    Principal = new GenericPrincipal(account, grantedRoles.ToArray());
    return authCookie;
}
/// <summary>
/// Builds an encrypted cookie for <paramref name="user"/> using the tenant's and the user's cookie settings.
/// </summary>
/// <param name="cookieStorage">Storage instance that performs the encryption.</param>
/// <param name="tenantId">Tenant whose cookie settings are loaded.</param>
/// <param name="user">User the cookie is issued for; may be <c>null</c>.</param>
/// <returns>The encrypted cookie, or <c>null</c> when <paramref name="user"/> is <c>null</c>.</returns>
private string CreateAuthenticationCookie(CookieStorage cookieStorage, int tenantId, UserInfo user)
{
    if (user == null)
    {
        return null;
    }

    var tenantCookieSettings = SettingsManager.LoadSettingsFor<TenantCookieSettings>(tenantId, Guid.Empty);

    // Default settings mean a one-year lifetime; otherwise LifeTime is taken as minutes.
    DateTime expires;
    if (tenantCookieSettings.IsDefault())
    {
        expires = DateTime.UtcNow.AddYears(1);
    }
    else
    {
        expires = DateTime.UtcNow.AddMinutes(tenantCookieSettings.LifeTime);
    }

    var userCookieSettings = SettingsManager.LoadSettingsFor<TenantCookieSettings>(tenantId, user.ID);

    // This overload puts no login or password hash into the cookie, only ids, indexes and expiry.
    return cookieStorage.EncryptCookie(
        tenantId,
        user.ID,
        tenantCookieSettings.Index,
        expires,
        userCookieSettings.Index);
}
/// <summary>
/// Installs <paramref name="account"/> as the current principal and, for user accounts,
/// returns an authentication cookie.
/// </summary>
/// <param name="account">Account to authenticate; must be neither <c>null</c> nor the guest account.</param>
/// <returns>The encrypted cookie for a user account, or <c>null</c> for any other account type.</returns>
/// <exception cref="System.Security.Authentication.InvalidCredentialException">The account is null or guest, or it resolves to the lost-user placeholder.</exception>
/// <exception cref="SecurityException">The user is not active.</exception>
public static string AuthenticateMe(IAccount account)
{
    if (account == null || account.Equals(AuthConst.Guest))
    {
        throw new System.Security.Authentication.InvalidCredentialException("account");
    }

    string authCookie = null;
    var grantedRoles = new List<string>() { Role.Everyone };

    // The System role is granted only to the core system account itself.
    if (account is ISystemAccount && account.ID == AuthConst.CoreSystem.ID)
    {
        grantedRoles.Add(Role.System);
    }

    if (account is IUserAccount)
    {
        var user = CoreContext.UserManager.GetUsers(account.ID);

        // An unknown id comes back as the LostUser placeholder rather than null.
        if (user.ID == UserConst.LostUser.ID)
        {
            throw new System.Security.Authentication.InvalidCredentialException("Invalid username or password.");
        }

        if (user.Status != ASC.Core.Users.EmployeeStatus.Active)
        {
            throw new SecurityException("Account disabled.");
        }

        var isAdministrator = CoreContext.UserManager.IsUserInGroup(user.ID, UserConst.GroupAdmin.ID);
        if (isAdministrator)
        {
            grantedRoles.Add(Role.Administrators);
        }

        grantedRoles.Add(Role.Users);

        // Replace the caller-supplied account with one rebuilt from the stored user record.
        account = new UserAccount(user, CoreContext.TenantManager.GetCurrentTenant().TenantId);
        authCookie = CookieStorage.EncryptCookie(CoreContext.TenantManager.GetCurrentTenant().TenantId, account.ID, null, null);
    }

    Principal = new GenericPrincipal(account, grantedRoles.ToArray());
    return authCookie;
}
/// <summary>
/// Authenticates by login and password within the current tenant and returns an authentication cookie.
/// </summary>
/// <param name="login">Login to look up; must not be <c>null</c>.</param>
/// <param name="password">Clear-text password; only its Base64-encoded SHA-256 hash is passed to the lookup.</param>
/// <returns>The encrypted cookie for the matched user.</returns>
/// <exception cref="ArgumentNullException"><paramref name="login"/> or <paramref name="password"/> is <c>null</c>.</exception>
public static string AuthenticateMe(string login, string password)
{
    if (login == null)
    {
        throw new ArgumentNullException("login");
    }

    if (password == null)
    {
        throw new ArgumentNullException("password");
    }

    var currentTenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;

    // NOTE(review): a single SHA-256 pass is a fast hash; whether Hasher salts it is not visible here.
    var matchedUser = CoreContext.UserManager.GetUsers(
        currentTenantId,
        login,
        Hasher.Base64Hash(password, HashAlg.SHA256));

    // The lookup result is not checked here; rejection of a failed match is left to the
    // account-based overload called next. Its return value is discarded and a cookie is built below.
    var userAccount = new UserAccount(matchedUser, currentTenantId);
    AuthenticateMe(userAccount);

    return CookieStorage.EncryptCookie(currentTenantId, matchedUser.ID, null, null);
}
/// <summary>
/// Sets the current account and, for user accounts, returns a cookie tagged with a login event id.
/// </summary>
/// <param name="account">Account to install as <c>CurrentAccount</c>; it is assigned without any check in this overload.</param>
/// <param name="funcLoginEvent">Optional callback that produces the login event id; when <c>null</c> the id is 0.</param>
/// <returns>The encrypted cookie for a user account, or <c>null</c> for any other account type.</returns>
private static string AuthenticateMe(IAccount account, Func<int> funcLoginEvent)
{
    // NOTE(review): no null/guest/status validation happens here; presumably callers
    // have already done it. Confirm.
    CurrentAccount = account;

    if (!(account is IUserAccount))
    {
        return null;
    }

    // The callback runs only for user accounts, so no login event is recorded for other account types.
    var loginEventId = funcLoginEvent != null ? funcLoginEvent() : 0;

    return CookieStorage.EncryptCookie(
        CoreContext.TenantManager.GetCurrentTenant().TenantId,
        account.ID,
        loginEventId);
}
/// <summary>
/// Round-trip test: tenant, user id, login and password passed to EncryptCookie
/// must come back unchanged from DecryptCookie.
/// </summary>
public void Validate()
{
    // Values fed into the cookie.
    var tenantIn = 1;
    var userIdIn = Guid.NewGuid();
    var loginIn = "l1";
    var passwordIn = "p1";

    var cookie = CookieStorage.EncryptCookie(tenantIn, userIdIn, loginIn, passwordIn);

    // Values read back out of the cookie.
    int tenantOut;
    Guid userIdOut;
    string loginOut;
    string passwordOut;
    CookieStorage.DecryptCookie(cookie, out tenantOut, out userIdOut, out loginOut, out passwordOut);

    // NOTE(review): only the happy path is covered; a modified or truncated cookie
    // is never passed to DecryptCookie, so rejection of tampered input is untested here.
    Assert.AreEqual(tenantIn, tenantOut);
    Assert.AreEqual(userIdIn, userIdOut);
    Assert.AreEqual(loginIn, loginOut);
    Assert.AreEqual(passwordIn, passwordOut);
}
/// <summary>
/// Round-trip test against a supplied <see cref="CookieStorage"/>: every field passed to
/// EncryptCookie must come back unchanged from DecryptCookie.
/// </summary>
/// <param name="cookieStorage">Storage instance under test.</param>
public void Validate(CookieStorage cookieStorage)
{
    // Values fed into the cookie.
    var tenantIn = 1;
    var userIdIn = Guid.NewGuid();
    var loginIn = "l1";
    var passwordIn = "p1";
    var tenantIndexIn = 1;
    var expiresIn = DateTime.UtcNow;
    var userIndexIn = 1;

    var cookie = cookieStorage.EncryptCookie(
        tenantIn, userIdIn, loginIn, passwordIn, tenantIndexIn, expiresIn, userIndexIn);

    cookieStorage.DecryptCookie(
        cookie,
        out var tenantOut,
        out var userIdOut,
        out var loginOut,
        out var passwordOut,
        out var tenantIndexOut,
        out var expiresOut,
        out var userIndexOut);

    // NOTE(review): only the happy path is covered; a modified or truncated cookie
    // is never passed to DecryptCookie, so rejection of tampered input is untested here.
    Assert.AreEqual(tenantIn, tenantOut);
    Assert.AreEqual(userIdIn, userIdOut);
    Assert.AreEqual(loginIn, loginOut);
    Assert.AreEqual(passwordIn, passwordOut);
    Assert.AreEqual(tenantIndexIn, tenantIndexOut);
    Assert.AreEqual(expiresIn, expiresOut);
    Assert.AreEqual(userIndexIn, userIndexOut);
}
/// <summary>
/// Builds an authentication cookie carrying only the tenant id and user id.
/// </summary>
/// <param name="tenantId">Tenant id stored in the cookie.</param>
/// <param name="userId">User id stored in the cookie.</param>
/// <returns>The encrypted cookie string.</returns>
public string CreateAuthenticationCookie(int tenantId, Guid userId)
{
    // Login and password are deliberately passed as null: no user lookup or
    // credential check happens in this method, so callers must have authenticated already.
    var encryptedCookie = CookieStorage.EncryptCookie(tenantId, userId, null, null);
    return encryptedCookie;
}