public void OnResourceExecuting(ResourceExecutingContext context)
{
var tenant = CoreContext.TenantManager.GetCurrentTenant(context.HttpContext);
var settings = IPRestrictionsSettings.LoadForTenant(tenant.TenantId);
if (settings.Enable && SecurityContext.IsAuthenticated && !IPSecurity.IPSecurity.Verify(context.HttpContext, tenant))
{
context.Result = new StatusCodeResult((int)HttpStatusCode.Forbidden);
log.WarnFormat("IPSecurity: Tenant {0}, user {1}", tenant.TenantId, SecurityContext.CurrentAccount.ID);
return;
}
}
private void BlockIPSecurityPortal(Tenant tenant)
{
if (tenant == null)
{
return;
}
var settings = IPRestrictionsSettings.LoadForTenant(tenant.TenantId);
if (settings.Enable && SecurityContext.IsAuthenticated && !IPSecurity.IPSecurity.Verify(tenant))
{
Auth.ProcessLogout();
ResponseRedirect("~/Auth.aspx?error=ipsecurity", HttpStatusCode.Forbidden);
}
}