/// <summary> /// Runs the processor. /// </summary> /// <param name="args">The arguments.½</param> public void Process(LoggingInArgs args) { Assert.ArgumentNotNull(args, "args"); if (!string.IsNullOrEmpty(args.StartUrl)) { this.ValidateStartUrl(args); } }
/// <summary> /// Checks the on external URL. /// </summary> /// <param name="args">The arguments.</param> /// <exception cref="T:Sitecore.Exceptions.SecurityException">Only local URLs are allowed.</exception> private void CheckOnExternalUrl(LoggingInArgs args) { if (WebUtil.IsExternalUrl(args.StartUrl, HttpContext.Current.Request.Url.Host) && !IsAllowedBot(args.StartUrl)) { args.AbortPipeline(); throw new SecurityException("Only local URLs are allowed."); } }
public void Process(LoggingInArgs args) { var data = new SubscriptionEventArgs() { Username = args.Username }; Sitecore.Events.Event.RaiseEvent("westcosocket:subscribe", data); }
public void Process(LoggingInArgs args) { Assert.ArgumentNotNull(args, "args"); if (!IsEnabled()) { return; } MembershipUser user = GetMembershipUser(args); if (HasPasswordExpired(user)) { WebUtil.Redirect(ChangePasswordPageUrl); } }
/// <summary> /// Determines whether [is valid start URL] [the specified user name]. /// </summary> /// <param name="args">The arguments.</param> /// <returns> /// <c>true</c> if [is valid start URL] [the specified user name]; otherwise, <c>false</c>. /// </returns> protected virtual bool ValidateStartUrl(LoggingInArgs args) { Assert.ArgumentNotNull(args, "args"); this.CheckOnExternalUrl(args); if (string.IsNullOrWhiteSpace(args.StartUrl)) { return(true); } if (Uri.IsWellFormedUriString(args.StartUrl, UriKind.Absolute)) { return(true); } string localPath = this.GetLocalPath(args.StartUrl); if (string.IsNullOrWhiteSpace(localPath)) { return(true); } if (ID.IsID(localPath)) { if (this.CanAccessItem(Context.Database, args.Username, localPath)) { return(true); } args.StartUrl = string.Empty; return(false); } if (!this.ItemExist(Context.Database, localPath)) { return(true); } if (this.CanAccessItem(Context.Database, args.Username, localPath)) { return(true); } args.StartUrl = string.Empty; return(false); }
/// <summary> /// </summary> protected virtual bool LoggingIn() { if (string.IsNullOrWhiteSpace(this.UserName.Text)) { return(false); } this.fullUserName = WebUtil.HandleFullUserName(this.UserName.Text); this.startUrl = Controllers.BotAuthenticationController.GetTicketCallback(WebUtil.GetQueryString("ticket")); this.FailureHolder.Visible = false; this.SuccessHolder.Visible = false; LoggingInArgs loggingInArg = new LoggingInArgs() { Username = this.fullUserName, Password = this.Password.Text, StartUrl = this.startUrl }; Pipeline.Start("loggingin", loggingInArg); if ((UIUtil.IsIE() ? true : UIUtil.IsIE11()) && !Regex.IsMatch(WebUtil.GetHostName(), Settings.HostNameValidationPattern, RegexOptions.ECMAScript)) { this.RenderError(Translate.Text("Your login attempt was not successful because the URL hostname contains invalid character(s) that are not recognized by IE. Please check the URL hostname or try another browser.")); return(false); } if (loggingInArg.Success) { this.startUrl = loggingInArg.StartUrl; return(true); } Log.Audit(string.Format("Login failed: {0}.", loggingInArg.Username), this); if (!string.IsNullOrEmpty(loggingInArg.Message)) { this.RenderError(Translate.Text(StringUtil.RemoveLineFeeds(loggingInArg.Message))); } return(false); }
public void Process(LoggingInArgs args) { //Assert.ArgumentNotNull(args, "args"); MembershipUser usert = Membership.GetUser(args.Username); int number = UserAttemp.AttemptedPasswordAttemptsRemaining(usert); if (number == 1) { if (!usert.IsLockedOut) { ISendUserLockedOutEmail emailSender; using (var scope = AutofacConfig.ServiceLocator.BeginLifetimeScope()) { emailSender = scope.Resolve <ISendUserLockedOutEmail>(); } emailSender.SendEmail(usert); } } }
public new void Process(LoggingInArgs args) { Assert.ArgumentNotNull(args, "args"); bool flag = false; NoAccessTo noAccessTo = NoAccessTo.Empty; using (UserSwitcher userSwitcher = new UserSwitcher(args.Username, true)) { switch (args.StartUrl) { case "/sitecore/shell/default.aspx": { Item item = Client.CoreDatabase.Items["/sitecore/content/Applications/Desktop"]; if (!Context.IsAdministrator && (item == null || !item.Access.CanRead())) { noAccessTo = NoAccessTo.Desktop; flag = true; } break; } case "/sitecore/shell/applications/clientusesoswindows.aspx": { Item item1 = Client.CoreDatabase.Items["/sitecore/content/Applications/Content Editor"]; if (item1 == null || !item1.Access.CanRead()) { noAccessTo = NoAccessTo.ContentEditor; flag = true; } break; } case "/sitecore/shell/applications/webedit.aspx": { Item item2 = Client.CoreDatabase.Items["/sitecore/content/Applications/WebEdit"]; if (item2 == null || !item2.Access.CanRead()) { noAccessTo = NoAccessTo.PageEditor; flag = true; } break; } } var membershipUser = Membership.GetUser(Sitecore.Context.User.Name, false); if (IsPasswordExpiredEnabled() && membershipUser != null && HasPasswordExpired(membershipUser)) { noAccessTo = NoAccessTo.PasswordExpired; UserName = args.Username; flag = true; } if (flag) { AuthenticationHelper authenticationHelper = new AuthenticationHelper(AuthenticationManager.Provider); if (!string.IsNullOrEmpty(args.Username) && args.Password != null && authenticationHelper.ValidateUser(args.Username, args.Password)) { args.Success = false; args.AddMessage(GetErrorMessage(noAccessTo)); args.AbortPipeline(); } } } }
private static MembershipUser GetMembershipUser(LoggingInArgs args) { Assert.ArgumentNotNull(args, "args"); Assert.ArgumentNotNullOrEmpty(args.Username, "args.Username"); return Membership.GetUser(args.Username, false); }