예제 #1
0
        protected virtual User handleAuthentication(ref HttpListenerRequest a_oRequest, ref HttpListenerContext ctx)
        {
            User oUser = null;

            if (m_eAuthenticationType == EAuthenticationTypes.eCookie)
            {
                Cookie oAuthCookie = a_oRequest.Cookies [AuthCookieName];
                if (oAuthCookie != null)
                {
                    if (!oAuthCookie.Expired)
                    {
                        oUser = m_oUserMgr.GetUserByCookie(oAuthCookie.Value);
                    }
                }
            }
            else if (m_eAuthenticationType == EAuthenticationTypes.eBasic)
            {
                if (ctx.User != null && ctx.User.Identity.IsAuthenticated)
                {
                    HttpListenerBasicIdentity oIdentity = (HttpListenerBasicIdentity)ctx.User.Identity;
                    oUser = m_oUserMgr.GetUserByLogin(oIdentity.Name, oIdentity.Password);
                }
            }
            else if (m_eAuthenticationType == EAuthenticationTypes.eKey)
            {
                if (a_oRequest.Headers.AllKeys.Contains(AuthKeyName))
                {
                    oUser = m_oUserMgr.GetUserByKey(a_oRequest.Headers[AuthKeyName]);
                }
            }

            if (oUser == null)
            {
                oUser = new User("", new string[] { AuthAnonymousUserName }, false);
            }

            // Set name to client ip addr if authentication failed (e.g. wrong login or anonymous user)
            if (oUser.IsAuthenticated == false)
            {
                oUser.Name = a_oRequest.RemoteEndPoint.ToString();
            }

            return(oUser);
        }