public static void SessionExecute() { string authorizationUrl = "/User/Login"; string registerUrl = "/User/Register"; string forgotPassUrl = "/User/ForgotPassword"; string commisionUrl = "/Commission/All"; string adminUrl = "/evarlik-admin"; var request = HttpContext.Current.Request; // authorization url control var url = request.Path.ToLower(new CultureInfo("en-US", false)); url = url[url.Length - 1] == '/' ? url.Remove(url.Length - 1) : url; if (!string.IsNullOrEmpty(authorizationUrl)) { if (url.EndsWith(authorizationUrl.ToLower())) { return; } } if (url.EndsWith(registerUrl.ToLower()) || url.EndsWith(forgotPassUrl.ToLower()) || url.EndsWith(commisionUrl.ToLower()) || url.StartsWith(adminUrl.ToLower())) { return; } if (url.Contains("signalr")) { return; } var authorizationHeader = request.Headers["Authorization"]; if (string.IsNullOrEmpty(authorizationHeader)) { RedirectVarlikResult.RedirectWithData(new VarlikResult() { Status = ResultStatus.Unauthorized, Message = "Jwt Token Does Not Exist in Authorization Header" }); return; } var authorizationHeaderSplitted = authorizationHeader.Split(' '); if (authorizationHeaderSplitted.Length < 2) { RedirectVarlikResult.RedirectWithData(new VarlikResult() { Status = ResultStatus.Unauthorized, Message = "Most Probably Authentication Type Is Not Set" }); return; } var token = authorizationHeaderSplitted[1]; DinazorPrincipal.AuthenticateUser(token); var dinazorPrincipal = (DinazorPrincipal)HttpContext.Current.User; if (dinazorPrincipal == null || !dinazorPrincipal.Identity.IsAuthenticated) { RedirectVarlikResult.RedirectWithData(new VarlikResult() { Status = ResultStatus.SessionNotValid, Message = $"Incorrect Token : {token}" }); } }
public async Task <DinazorResult <TokenUser> > Login(BaseTokenUser user) { if (user == null) { var res = new DinazorResult <TokenUser>(); res.Status = ResultStatus.NoSuchObject; return(res); } //firstly check the user whether alredy logged in or not var alreadyLoggedInResult = IsUserAlreadyLoggedIn(user.Username, user.Password); if (!alreadyLoggedInResult.IsSuccess) { return(new DinazorResult <TokenUser>()); } if (alreadyLoggedInResult.Data) { _log.Info("user is already logged in"); //user already logged in. get the user return(GetUserByUsername(user.Username)); } // LICENCE CONTROL /* bool anyCommunicationProblem = false; * DinazorRestClient dinazorRestClient = new DinazorRestClient(); * DinazorResult<List<OrganizationLicenceDto>> licenceResult = new DinazorResult<List<OrganizationLicenceDto>>(); * try * { * licenceResult = await dinazorRestClient.Post(user.Client); * } * catch (Exception e) * { * _log.Error("licence manager communication problem",e); * anyCommunicationProblem = true; * licenceResult.Success(); * } * * if (!licenceResult.IsSuccess) * { * var licenceErrorResult = new DinazorResult<TokenUser> { Status = licenceResult.Status }; * return licenceErrorResult; * } * * //validate the licence * if (!anyCommunicationProblem && licenceResult.Data.Count <= 0) * { * var noLicenceResult = new DinazorResult<TokenUser> { Status = ResultStatus.NoLicence }; * return noLicenceResult; * }*/ if (true) { // try to login var result = await _authorizationOperation.Login(user); if (result.IsSuccess) { //generate the token var token = TokenGenerator.GenerateUniqueId(); //control the token if it already exists while (_tokenStorer.IsTokenExists(token).Status == ResultStatus.Success) { token = TokenGenerator.GenerateUniqueId(); } var tokenUser = result.Data; tokenUser.Token = token; //set the licence information tokenUser.Client = user.Client; tokenUser.IsLicenceValidated = true; // tokenUser.OrganizationLicence = licenceResult.Data; // get the roles according to licenced modules var userManager = IocManager.Instance.Resolve <IUserManager>(); var roleListResult = await userManager.GetUserByIdWithRoles(tokenUser.Id); if (roleListResult.IsSuccess) { tokenUser.RoleList = roleListResult.Data; } else { _log.Error("error while getting the role list"); } //store the user _tokenStorer.StoreTheToken(token, tokenUser); DinazorPrincipal.AuthenticateUser(token); LoginSubscriber.Broadcast(tokenUser); result.Data = tokenUser; return(result); } return(result); } /* else if (anyCommunicationProblem) * { * * }*/ return(null); }
public static void SessionExecute() { string authorizationUrl = ""; var configurationManager = IocManager.Instance.Resolve <IConfigurationManager>(); var authorizationUrlResult = configurationManager.GetValue("AuthorizationUrl"); if (authorizationUrlResult != null && authorizationUrlResult.Count > 0) { authorizationUrl = authorizationUrlResult[0]; if (!string.IsNullOrEmpty(authorizationUrl)) { authorizationUrl = authorizationUrl.ToLower(); } } else { Log.Error("No Authorization Url Found In DB"); } var request = HttpContext.Current.Request; // authorization url control var url = request.Path.ToLower(new CultureInfo("en-US", false)); url = url[url.Length - 1] == '/' ? url.Remove(url.Length - 1) : url; if (url.EndsWith(authorizationUrl)) { return; } //Control thr URL if it needs Token or not var urlNoNeedTokenList = configurationManager.GetValue("UrlNoNeedToken"); if (urlNoNeedTokenList != null && urlNoNeedTokenList.Count > 0) { foreach (var item in urlNoNeedTokenList) { var reqUrl = item.Split(':')[0].ToLower(); var verb = item.Split(':')[1]; if (url == reqUrl && request.HttpMethod.ToLower() == verb.ToLower()) { return; } } } var token = request.QueryString["token"]; if (token == null) { RedirectDinazorResult.RedirectWithData(new DinazorResult() { Status = ResultStatus.Unauthorized, Message = "Token information is missing" }); return; } DinazorPrincipal.AuthenticateUser(token); var dinazorPrincipal = (DinazorPrincipal)HttpContext.Current.User; if (dinazorPrincipal == null || !dinazorPrincipal.Identity.IsAuthenticated) { RedirectDinazorResult.RedirectWithData(new DinazorResult() { Status = ResultStatus.SessionNotValid, Message = $"Token information is wrong. token is {token}" }); } }