public async Task <ActionResult> Login(string errorMessage = null, string ReturnUrl = null)
{
if (User.Identity.IsAuthenticated)
{
return(RedirectToAction("Index", "Home", new { status = 2 }));
}
ObserverDbContext _db = new ObserverDbContext();
try
{
string sessionId = Request.Cookies.Get("SessionId").Value;
string sessionKey = Request.Cookies.Get("SessionKey").Value;
string myUserAgent = Request.UserAgent;
var session = _db.LoginSessions
.Where(e => e.Id == sessionId)
.FirstOrDefault();
if (session.UserAgent == myUserAgent && session.Key == sessionKey && (session.Status == 3 || session.Status == 5) && session.Status != 6 && session.SessionDate.AddMonths(2) > DateTime.UtcNow)
{
ApplicationUser user = UserManager.FindById(session.Users.Id);
await SignInManager.SignInAsync(user, true, true);
string newId = Guid.NewGuid().ToString();
string newKey = HashingAlgorithmServiceManager.GenerateSHA256(Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()), Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
LoginSessionsModel newSession = new LoginSessionsModel()
{
Id = newId,
Key = newKey,
Status = 3,
Users = session.Users,
Ip = Request.UserHostAddress,
UserAgent = Request.UserAgent,
DateCreation = DateTime.UtcNow,
SessionDate = session.SessionDate
};
session.Status = 6;
HttpCookie SessionCookie = new HttpCookie("SessionId");
SessionCookie.Value = newId;
SessionCookie.Expires = DateTime.Now.AddMonths(2);
Response.SetCookie(SessionCookie);
HttpCookie SessionKeyCookie = new HttpCookie("SessionKey");
SessionKeyCookie.Value = newKey;
SessionKeyCookie.Expires = DateTime.Now.AddMonths(2);
Response.SetCookie(SessionKeyCookie);
_db.LoginSessions.Add(newSession);
_db.SaveChanges();
if (String.IsNullOrEmpty(ReturnUrl))
{
return(RedirectToAction("Index", "Home", new { status = 13, name = session.Users.Name }));
}
else
{
if (ReturnUrl.Contains("?"))
{
ReturnUrl = ReturnUrl + "&status=13&name=" + session.Users.Name;
}
else
{
ReturnUrl = ReturnUrl + "?status=13&name=" + session.Users.Name;
}
return(Redirect(ReturnUrl));
}
}
else
{
string loginSessionId = Guid.NewGuid().ToString();
string key = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
Uri url = new Uri(Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port + "/QRLogin?Id=" + loginSessionId + "&Key=" + key);
string image = QRCodeServiceManager.GenerateLoginQRCode(url.ToString());
LoginSessionsModel loginSession = new LoginSessionsModel()
{
Id = loginSessionId,
Status = 1,
Key = key,
Ip = Request.UserHostAddress,
UserAgent = Request.UserAgent,
DateCreation = DateTime.UtcNow,
SessionDate = DateTime.UtcNow,
Path = ReturnUrl
};
session.Status = 6;
_db.LoginSessions.Add(loginSession);
_db.SaveChanges();
ViewBag.LoginSessionId = loginSessionId;
ViewBag.Key = key;
ViewBag.QRImage = image;
HttpCookie SessionCookie = new HttpCookie("SessionId");
SessionCookie.Value = null;
SessionCookie.Expires = DateTime.Now.AddYears(-10);
Response.SetCookie(SessionCookie);
HttpCookie SessionKeyCookie = new HttpCookie("SessionKey");
SessionKeyCookie.Value = null;
SessionKeyCookie.Expires = DateTime.Now.AddYears(-10);
Response.SetCookie(SessionKeyCookie);
return(View("Login"));
}
} catch (NullReferenceException e)
{
e.ToString();
string loginSessionId = Guid.NewGuid().ToString();
string key = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
Uri url = new Uri(Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port + "/QRLogin?Id=" + loginSessionId + "&Key=" + key);
string image = QRCodeServiceManager.GenerateLoginQRCode(url.ToString());
LoginSessionsModel loginSession = new LoginSessionsModel()
{
Id = loginSessionId,
Status = 1,
Key = key,
Ip = Request.UserHostAddress,
UserAgent = Request.UserAgent,
DateCreation = DateTime.UtcNow,
SessionDate = DateTime.UtcNow,
Path = ReturnUrl
};
_db.LoginSessions.Add(loginSession);
_db.SaveChanges();
ViewBag.LoginSessionId = loginSessionId;
ViewBag.Key = key;
ViewBag.QRImage = image;
HttpCookie SessionCookie = new HttpCookie("SessionId");
SessionCookie.Value = null;
SessionCookie.Expires = DateTime.Now.AddYears(-10);
Response.SetCookie(SessionCookie);
HttpCookie SessionKeyCookie = new HttpCookie("SessionKey");
SessionKeyCookie.Value = null;
SessionKeyCookie.Expires = DateTime.Now.AddYears(-10);
Response.SetCookie(SessionKeyCookie);
return(View("Login"));
}
}
public async Task <ActionResult> QRLogin(string Id, string Key)
{
ObserverDbContext _db = new ObserverDbContext();
string userId = null;
try
{
string sessionId = Request.Cookies.Get("SessionId").Value;
string sessionKey = Request.Cookies.Get("SessionKey").Value;
var session = _db.LoginSessions
.Where(e => e.Id == sessionId)
.FirstOrDefault();
if (session.Key == sessionKey && (session.Status == 3 || session.Status == 5) && session.Status != 6 && session.SessionDate.AddMonths(2) > DateTime.UtcNow)
{
ApplicationUser user = UserManager.FindById(session.Users.Id);
userId = user.Id;
await SignInManager.SignInAsync(user, true, true);
string newId = Guid.NewGuid().ToString();
string newKey = HashingAlgorithmServiceManager.GenerateSHA256(Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()), Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
LoginSessionsModel newSession = new LoginSessionsModel()
{
Id = newId,
Key = newKey,
Status = 3,
Users = session.Users,
DateCreation = DateTime.UtcNow,
SessionDate = session.SessionDate
};
session.Status = 6;
HttpCookie SessionCookie = new HttpCookie("SessionId");
SessionCookie.Value = newId;
SessionCookie.Expires = DateTime.Now.AddMonths(2);
Response.SetCookie(SessionCookie);
HttpCookie SessionKeyCookie = new HttpCookie("SessionKey");
SessionKeyCookie.Value = newKey;
SessionKeyCookie.Expires = DateTime.Now.AddMonths(2);
Response.SetCookie(SessionKeyCookie);
_db.LoginSessions.Add(newSession);
_db.SaveChanges();
}
else
{
RedirectToAction("Login", "Identity");
}
}
catch (NullReferenceException e)
{
RedirectToAction("Login", "Identity");
}
var loginSession = _db.LoginSessions
.Where(e => e.Id == Id)
.FirstOrDefault();
if (loginSession.SessionDate.AddMinutes(30) < DateTime.UtcNow)
{
loginSession.Status = 6;
_db.SaveChanges();
return(RedirectToAction("Index", "Home", new { status = 12 }));
}
else
{
var user = _db.Users
.Where(e => e.Id == userId)
.FirstOrDefault();
string proceedKey = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
Random random = new Random();
int randomInt = random.Next(999);
while (randomInt < 100)
{
randomInt = random.Next(999);
}
string sessionCode = randomInt.ToString();
if (loginSession.Status == 1)
{
loginSession.Status = 2;
loginSession.Users = user;
loginSession.QRKey = proceedKey;
loginSession.SessionCode = sessionCode;
loginSession.SessionDate = DateTime.UtcNow.AddSeconds(30);
_db.SaveChanges();
}
ViewBag.SessionId = Id;
ViewBag.ProceedKey = proceedKey;
ViewBag.SessionCode = sessionCode;
return(View());
}
}
