public IUser GetAuthenticatedUser()
{
if (_isNonBoyingUser)
{
return(null);
}
if (_signedInUser != null || _isAuthenticated)
{
return(_signedInUser);
}
var httpContext = _httpContextAccessor.Current();
if (httpContext.IsBackgroundContext() || !httpContext.Request.IsAuthenticated || !(httpContext.User.Identity is FormsIdentity))
{
return(null);
}
var formsIdentity = (FormsIdentity)httpContext.User.Identity;
var userData = formsIdentity.Ticket.UserData ?? "";
// The cookie user data is {userName.Base64};{tenant}.
var userDataSegments = userData.Split(';');
if (userDataSegments.Length < 2)
{
return(null);
}
var userDataName = userDataSegments[0];
var userDataTenant = userDataSegments[1];
try
{
userDataName = userDataName.FromBase64();
}
catch
{
return(null);
}
if (!String.Equals(userDataTenant, _settings.Name, StringComparison.Ordinal))
{
return(null);
}
_signedInUser = _membershipService.GetUser(userDataName);
if (_signedInUser == null || !_membershipValidationService.CanAuthenticateWithCookie(_signedInUser))
{
_isNonBoyingUser = true;
return(null);
}
_isAuthenticated = true;
return(_signedInUser);
}
public void UsersWhoHaveNeverLoggedInCanBeAuthenticated()
{
var user = (UserPart)_membershipService.CreateUser(new CreateUserParams("a", "b", "c", null, null, true));
Assert.That(_membershipValidationService.CanAuthenticateWithCookie(user), Is.True);
}
public IUser GetAuthenticatedUser()
{
if (_isNonOrchardUser)
{
return(null);
}
if (_signedInUser != null || _isAuthenticated)
{
return(_signedInUser);
}
var httpContext = _httpContextAccessor.Current();
if (httpContext.IsBackgroundContext() || !httpContext.Request.IsAuthenticated || !(httpContext.User.Identity is FormsIdentity))
{
return(null);
}
var formsIdentity = (FormsIdentity)httpContext.User.Identity;
var userData = formsIdentity.Ticket.UserData ?? "";
var userDataDictionary = new Dictionary <string, string>();
if (formsIdentity.Ticket.Version == 3)
{
var userDataSegments = userData.Split(';');
if (userDataSegments.Length < 2)
{
return(null);
}
var userDataName = userDataSegments[0];
var userDataTenant = userDataSegments[1];
try {
userDataName = userDataName.FromBase64();
}
catch {
return(null);
}
userDataDictionary.Add("UserName", userDataName);
userDataDictionary.Add("TenantName", userDataTenant);
}
else //we assume that the version here will be 4
{
try {
userDataDictionary = DeserializeUserData(userData);
}
catch (Exception) {
return(null);
}
}
// 1. Take the username
if (!userDataDictionary.ContainsKey("UserName"))
{
return(null); // should never happen, unless the cookie has been tampered with
}
var userName = userDataDictionary["UserName"];
_signedInUser = _membershipService.GetUser(userName);
if (_signedInUser == null || !_membershipValidationService.CanAuthenticateWithCookie(_signedInUser))
{
_isNonOrchardUser = true;
return(null);
}
// 2. Check the other stuff from the dictionary
var validLogin = _userDataProviders.All(udp => udp.IsValid(_signedInUser, userDataDictionary));
if (!validLogin)
{
_signedInUser = null;
return(null);
}
// Upgrade old cookies
if (formsIdentity.Ticket.Version < 4)
{
UpgradeAndAddAuthCookie(_signedInUser, formsIdentity.Ticket);
}
_isAuthenticated = true;
return(_signedInUser);
}
