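/// <summary>
/// Resolves the user behind the current request's forms-authentication cookie.
/// Returns null when there is no usable cookie (background context, unauthenticated
/// request, non-forms identity), when the ticket payload is malformed, when the ticket
/// was issued for a different tenant, or when membership no longer allows the user to
/// authenticate with a cookie. The outcome is memoised on this instance via
/// <c>_signedInUser</c>, <c>_isAuthenticated</c> and <c>_isNonBoyingUser</c>, so
/// repeated calls do not re-parse the cookie.
/// </summary>
/// <returns>The authenticated <see cref="IUser"/>, or null.</returns>
public IUser GetAuthenticatedUser() {
    // Cached negative result: the cookie named a user that membership rejected.
    if (_isNonBoyingUser) {
        return null;
    }
    // Cached positive result.
    if (_signedInUser != null || _isAuthenticated) {
        return _signedInUser;
    }

    var httpContext = _httpContextAccessor.Current();
    if (httpContext.IsBackgroundContext() || !httpContext.Request.IsAuthenticated) {
        return null;
    }
    // Only a forms-authentication identity carries the ticket we know how to read.
    var formsIdentity = httpContext.User.Identity as FormsIdentity;
    if (formsIdentity == null) {
        return null;
    }

    // The ticket's UserData is "{userName.Base64};{tenant}". Extra ';'-separated
    // segments are ignored. NOTE(review): this method only parses the payload; the
    // ticket's integrity is assumed to have been verified by whatever produced the
    // FormsIdentity — confirm.
    var userData = formsIdentity.Ticket.UserData ?? "";
    var segments = userData.Split(';');
    if (segments.Length < 2) {
        return null;
    }

    string userName;
    try {
        userName = segments[0].FromBase64();
    }
    catch {
        // Not valid base64: treat as "no cookie" rather than failing the request.
        return null;
    }

    // Reject tickets minted for another tenant (ordinal: tenant names are identifiers,
    // not linguistic text).
    if (!String.Equals(segments[1], _settings.Name, StringComparison.Ordinal)) {
        return null;
    }

    // Resolve into a local first: _signedInUser doubles as the "already authenticated"
    // cache checked at the top, so it must not become visible until every check has
    // passed. Assigning the field before CanAuthenticateWithCookie meant that if that
    // call threw, the next call would return the user without the check having passed.
    var user = _membershipService.GetUser(userName);
    if (user == null || !_membershipValidationService.CanAuthenticateWithCookie(user)) {
        _isNonBoyingUser = true;
        return null;
    }

    _signedInUser = user;
    _isAuthenticated = true;
    return _signedInUser;
}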
/// <summary>
/// A freshly created account, which has never signed in, must still be accepted by
/// <c>CanAuthenticateWithCookie</c>; "never logged in" alone must not block the cookie path.
/// </summary>
public void UsersWhoHaveNeverLoggedInCanBeAuthenticated() {
    // Arrange: create the account through the membership service. The positional
    // CreateUserParams arguments are defined elsewhere; only the resulting user matters here.
    var createdUser = (UserPart)_membershipService.CreateUser(
        new CreateUserParams("a", "b", "c", null, null, true));

    // Act
    var canAuthenticate = _membershipValidationService.CanAuthenticateWithCookie(createdUser);

    // Assert
    Assert.That(canAuthenticate, Is.True);
}
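/// <summary>
/// Resolves the user behind the current request's forms-authentication cookie.
/// Supports two ticket payload layouts: version 3 ("{userName.Base64};{tenant}") and the
/// serialized dictionary produced by the current version (4). Returns null when there is
/// no usable cookie, when the payload is malformed, when membership no longer allows the
/// user to authenticate with a cookie, or when any registered user-data provider rejects
/// the ticket. Version-3 tickets that pass are re-issued in the current layout. The
/// outcome is memoised on this instance via <c>_signedInUser</c>, <c>_isAuthenticated</c>
/// and <c>_isNonOrchardUser</c>.
/// </summary>
/// <returns>The authenticated <see cref="IUser"/>, or null.</returns>
public IUser GetAuthenticatedUser() {
    // Cached negative result: the cookie named a user that membership rejected.
    if (_isNonOrchardUser) {
        return null;
    }
    // Cached positive result.
    if (_signedInUser != null || _isAuthenticated) {
        return _signedInUser;
    }

    var httpContext = _httpContextAccessor.Current();
    if (httpContext.IsBackgroundContext() || !httpContext.Request.IsAuthenticated) {
        return null;
    }
    // Only a forms-authentication identity carries the ticket we know how to read.
    var formsIdentity = httpContext.User.Identity as FormsIdentity;
    if (formsIdentity == null) {
        return null;
    }

    var ticket = formsIdentity.Ticket;
    var userData = ticket.UserData ?? "";
    var userDataDictionary = new Dictionary<string, string>();
    if (ticket.Version == 3) {
        // Legacy layout: "{userName.Base64};{tenant}". Extra segments are ignored.
        var segments = userData.Split(';');
        if (segments.Length < 2) {
            return null;
        }
        string legacyUserName;
        try {
            legacyUserName = segments[0].FromBase64();
        }
        catch {
            // Not valid base64: treat as "no cookie" rather than failing the request.
            return null;
        }
        userDataDictionary.Add("UserName", legacyUserName);
        userDataDictionary.Add("TenantName", segments[1]);
    }
    else {
        // Every other version is read as the current (4) serialized dictionary; an
        // unparseable payload is treated as "no cookie". NOTE(review): versions below 3
        // also take this branch — confirm DeserializeUserData rejects them.
        try {
            userDataDictionary = DeserializeUserData(userData);
        }
        catch (Exception) {
            return null;
        }
    }

    // 1. The user name is mandatory; a payload without it is malformed (single lookup
    //    instead of ContainsKey + indexer).
    string userName;
    if (!userDataDictionary.TryGetValue("UserName", out userName)) {
        return null;
    }

    // Resolve into a local first: _signedInUser doubles as the "already authenticated"
    // cache checked at the top, so it must not become visible until every check has
    // passed. Assigning the field before the provider checks meant that a provider
    // throwing mid-validation left a half-validated user that the next call returned
    // as authenticated.
    var user = _membershipService.GetUser(userName);
    if (user == null || !_membershipValidationService.CanAuthenticateWithCookie(user)) {
        _isNonOrchardUser = true;
        return null;
    }

    // 2. Every registered provider must accept the remaining user data (what each one
    //    checks, e.g. the tenant, is defined by the provider).
    var validLogin = _userDataProviders.All(udp => udp.IsValid(user, userDataDictionary));
    if (!validLogin) {
        // NOTE(review): unlike the membership rejection above, this outcome is not
        // cached in _isNonOrchardUser, so a later call re-parses the cookie — confirm
        // that is intended.
        return null;
    }
    _signedInUser = user;

    // Re-issue pre-4 tickets in the current layout.
    if (ticket.Version < 4) {
        UpgradeAndAddAuthCookie(_signedInUser, ticket);
    }

    _isAuthenticated = true;
    return _signedInUser;
}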