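/// <summary>
/// Resolves the user behind an API login. With no provider (or <c>"email"</c>) the user name and
/// password are checked against LDAP first and then against the local user store; otherwise the
/// access token is exchanged for a third-party profile. Every failure inside the lookup is audited
/// through <c>MessageService</c> and re-thrown as a generic <c>AuthenticationException</c>, so the
/// caller cannot distinguish "unknown user" from "wrong password" or "provider error".
/// </summary>
/// <param name="userName">Login name for the password flow. For the provider flow it is ignored and
/// overwritten with the profile e-mail so the audit record names that address.</param>
/// <param name="password">Plain-text password for the password flow.</param>
/// <param name="provider">Empty or <c>"email"</c> selects the password flow; any other value is
/// passed to <c>ProviderManager.GetLoginProfile</c> as a provider name.</param>
/// <param name="accessToken">Provider token used only by the provider flow.</param>
/// <param name="viaEmail">Set to <c>true</c> for the password flow, <c>false</c> for the provider flow.</param>
/// <returns>The resolved <c>UserInfo</c>.</returns>
/// <exception cref="AuthenticationException">The user could not be resolved or the lookup threw.</exception>
/// <exception cref="IPSecurityException">IP restrictions are enabled, the user is not the tenant owner
/// and <c>IPSecurity.Verify</c> rejected the request.</exception>
private static UserInfo GetUser(string userName, string password, string provider, string accessToken, out bool viaEmail)
{
    viaEmail = true;
    var action = MessageAction.LoginFailViaApi;
    UserInfo user;

    try
    {
        if (string.IsNullOrEmpty(provider) || provider == "email")
        {
            // NOTE(review): ThrowIfNull presumably rejects only null (name suggests); an empty
            // string would still reach the lookups below — confirm against the extension.
            userName.ThrowIfNull(new ArgumentException(@"userName empty", "userName"));
            password.ThrowIfNull(new ArgumentException(@"password empty", "password"));

            var localization = new LdapLocalization(Resource.ResourceManager);
            var ldapUserManager = new LdapUserManager(localization);

            // LDAP is consulted first; the local store is only queried when LDAP does not know the user.
            // No salt is passed to Hasher here; whether it adds one internally is not visible from this file.
            if (!ldapUserManager.TryGetAndSyncLdapUserInfo(userName, password, out user))
            {
                user = CoreContext.UserManager.GetUsers(
                    CoreContext.TenantManager.GetCurrentTenant().TenantId,
                    userName,
                    Hasher.Base64Hash(password, HashAlg.SHA256));
            }

            if (user == null || !CoreContext.UserManager.UserExists(user.ID))
            {
                throw new Exception("user not found");
            }
        }
        else
        {
            viaEmail = false;
            action = MessageAction.LoginFailViaApiSocialAccount;

            var thirdPartyProfile = ProviderManager.GetLoginProfile(provider, accessToken);
            // From here on the audit record names the profile e-mail rather than the supplied userName.
            userName = thirdPartyProfile.EMail;
            user = LoginWithThirdParty.GetUserByThirdParty(thirdPartyProfile);
        }
    }
    catch
    {
        // Fix: the ternary was inverted — an empty userName was logged as-is and a real one was
        // replaced by the "not specified" marker. Now the marker is used only when the name is missing.
        MessageService.Send(Request, !string.IsNullOrEmpty(userName) ? userName : AuditResource.EmailNotSpecified, action);
        // NOTE(review): the caught exception is neither chained nor logged here; diagnostics rely on
        // the audit message alone — confirm that is intended. The outward message stays generic on purpose.
        throw new AuthenticationException("User authentication failed");
    }

    var tenant = CoreContext.TenantManager.GetCurrentTenant();
    var settings = IPRestrictionsSettings.Load();
    // The tenant owner is exempt from the IP allow-list check.
    if (settings.Enable && user.ID != tenant.OwnerId && !IPSecurity.IPSecurity.Verify(tenant))
    {
        throw new IPSecurityException();
    }

    return user;
}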
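/// <summary>
/// Resolves the user behind an API login. With no provider (or <c>"email"</c>) the user name and
/// password are checked via <c>ActiveDirectoryUserImporter</c> first and then against the local
/// user store; otherwise the access token is exchanged for a third-party profile. Every failure is
/// audited through <c>MessageService</c> and re-thrown as a generic <c>AuthenticationException</c>,
/// so the caller cannot distinguish "unknown user" from "wrong password" or "provider error".
/// </summary>
/// <param name="userName">Login name for the password flow. For the provider flow it is ignored and
/// overwritten with the profile e-mail so the audit record names that address.</param>
/// <param name="password">Plain-text password for the password flow.</param>
/// <param name="provider">Empty or <c>"email"</c> selects the password flow; any other value is
/// passed to <c>ProviderManager.GetLoginProfile</c> as a provider name.</param>
/// <param name="accessToken">Provider token used only by the provider flow.</param>
/// <param name="viaEmail">Set to <c>true</c> for the password flow, <c>false</c> for the provider flow.</param>
/// <returns>The resolved <c>UserInfo</c>.</returns>
/// <exception cref="AuthenticationException">The user could not be resolved or the lookup threw.</exception>
private static UserInfo GetUser(string userName, string password, string provider, string accessToken, out bool viaEmail)
{
    viaEmail = true;
    var action = MessageAction.LoginFailViaApi;

    try
    {
        UserInfo user;

        if (string.IsNullOrEmpty(provider) || provider == "email")
        {
            // NOTE(review): ThrowIfNull presumably rejects only null (name suggests); an empty
            // string would still reach the lookups below — confirm against the extension.
            userName.ThrowIfNull(new ArgumentException("userName empty", "userName"));
            password.ThrowIfNull(new ArgumentException("password empty", "password"));

            // Directory lookup first; the local store is only queried when it does not know the user.
            // No salt is passed to Hasher here; whether it adds one internally is not visible from this file.
            if (!ActiveDirectoryUserImporter.TryGetLdapUserInfo(userName, password, out user))
            {
                user = CoreContext.UserManager.GetUsers(
                    CoreContext.TenantManager.GetCurrentTenant().TenantId,
                    userName,
                    Hasher.Base64Hash(password, HashAlg.SHA256));
            }

            if (user == null || !CoreContext.UserManager.UserExists(user.ID))
            {
                throw new Exception("user not found");
            }

            // NOTE(review): nothing in this method limits repeated password attempts for a
            // user name; confirm throttling happens elsewhere in the request pipeline.
            return user;
        }

        viaEmail = false;
        action = MessageAction.LoginFailViaApiSocialAccount;

        var thirdPartyProfile = ProviderManager.GetLoginProfile(provider, accessToken);
        // From here on the audit record names the profile e-mail rather than the supplied userName.
        userName = thirdPartyProfile.EMail;
        user = LoginWithThirdParty.GetUserByThirdParty(thirdPartyProfile);
        return user;
    }
    catch
    {
        // Fix: the ternary was inverted — an empty userName was logged as-is and a real one was
        // replaced by the "not specified" marker. Now the marker is used only when the name is missing.
        MessageService.Send(Request, !string.IsNullOrEmpty(userName) ? userName : AuditResource.EmailNotSpecified, action);
        // NOTE(review): the caught exception is neither chained nor logged here; diagnostics rely on
        // the audit message alone — confirm that is intended. The outward message stays generic on purpose.
        throw new AuthenticationException("User authentication failed");
    }
}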
/// <summary>
/// Resolves the user behind an API login. With no provider (or <c>"email"</c>) the user name and
/// password are checked against LDAP first and then against the local user store, guarded by a
/// per-user-name attempt counter kept in <c>Cache</c>; otherwise the access token is exchanged for
/// a third-party profile. Failures are audited through <c>MessageService</c> and surfaced as
/// <c>AuthenticationException</c> with a message that does not reveal why the login failed.
/// </summary>
/// <param name="userName">Login name for the password flow; it is also the key of the attempt counter.
/// For the provider flow it is ignored and overwritten with the profile e-mail for the audit record.</param>
/// <param name="password">Plain-text password for the password flow.</param>
/// <param name="provider">Empty or <c>"email"</c> selects the password flow; any other value is
/// passed to <c>ProviderManager.GetLoginProfile</c> as a provider name.</param>
/// <param name="accessToken">Provider token used only by the provider flow.</param>
/// <param name="viaEmail">Set to <c>true</c> for the password flow, <c>false</c> for the provider flow.</param>
/// <returns>The resolved <c>UserInfo</c>.</returns>
/// <exception cref="AuthenticationException">Too many attempts for this user name, or the user could not be resolved.</exception>
/// <exception cref="IPSecurityException">IP restrictions are enabled, the user is not the tenant owner
/// and <c>IPSecurity.Verify</c> rejected the request.</exception>
private static UserInfo GetUser(string userName, string password, string provider, string accessToken, out bool viaEmail)
{
    // Attempts allowed per user name within one cache window before the lockout triggers.
    const int MaxAttempts = 5;

    viaEmail = true;
    var failureAction = MessageAction.LoginFailViaApi;
    UserInfo user;

    try
    {
        var isProviderLogin = !string.IsNullOrEmpty(provider) && provider != "email";
        if (isProviderLogin)
        {
            viaEmail = false;
            failureAction = MessageAction.LoginFailViaApiSocialAccount;

            var profile = ProviderManager.GetLoginProfile(provider, accessToken);
            // The audit record names the profile e-mail rather than the supplied userName from here on.
            userName = profile.EMail;
            user = LoginWithThirdParty.GetUserByThirdParty(profile);
        }
        else
        {
            // NOTE(review): ThrowIfNull presumably rejects only null (name suggests); an empty
            // string would still reach the counter and lookups below — confirm against the extension.
            userName.ThrowIfNull(new ArgumentException(@"userName empty", "userName"));
            password.ThrowIfNull(new ArgumentException(@"password empty", "password"));

            // The counter is keyed on the raw user name; whether lookups are case-insensitive
            // (so that "a@x" and "A@x" share one budget) is not visible from this file.
            var throttleKey = "loginsec/" + userName;
            int attempts;
            int.TryParse(Cache.Get<string>(throttleKey), out attempts);
            attempts++;

            // Names accepted by SetupInfo.IsSecretEmail are exempt from the lockout. The throw
            // comes before the Insert, so a locked-out name keeps the value and expiry written
            // by its last counted attempt; the window is not extended by further attempts.
            if (attempts > MaxAttempts && !SetupInfo.IsSecretEmail(userName))
            {
                throw new Authorize.BruteForceCredentialException();
            }

            Cache.Insert(throttleKey, attempts.ToString(CultureInfo.InvariantCulture), DateTime.UtcNow.AddMinutes(1));

            // LDAP is consulted first; the local store is only queried when LDAP does not know the user.
            // No salt is passed to Hasher here; whether it adds one internally is not visible from this file.
            var ldapUserManager = new LdapUserManager(new LdapLocalization(Resource.ResourceManager));
            var foundInLdap = ldapUserManager.TryGetAndSyncLdapUserInfo(userName, password, out user);
            if (!foundInLdap)
            {
                var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
                var passwordHash = Hasher.Base64Hash(password, HashAlg.SHA256);
                user = CoreContext.UserManager.GetUsers(tenantId, userName, passwordHash);
            }

            if (user == null || !CoreContext.UserManager.UserExists(user.ID))
            {
                throw new Exception("user not found");
            }

            // A successful login hands the attempt back to the budget.
            attempts--;
            Cache.Insert(throttleKey, attempts.ToString(CultureInfo.InvariantCulture), DateTime.UtcNow.AddMinutes(1));
        }
    }
    catch (Authorize.BruteForceCredentialException)
    {
        var auditName = string.IsNullOrEmpty(userName) ? AuditResource.EmailNotSpecified : userName;
        MessageService.Send(Request, auditName, MessageAction.LoginFailBruteForce);
        throw new AuthenticationException("Login Fail. Too many attempts");
    }
    catch
    {
        var auditName = string.IsNullOrEmpty(userName) ? AuditResource.EmailNotSpecified : userName;
        MessageService.Send(Request, auditName, failureAction);
        // Deliberately generic: the cause (unknown user, bad password, provider error) is not exposed.
        // NOTE(review): the caught exception is neither chained nor logged here — confirm that is intended.
        throw new AuthenticationException("User authentication failed");
    }

    var tenant = CoreContext.TenantManager.GetCurrentTenant();
    var restrictions = IPRestrictionsSettings.Load();
    // The tenant owner is exempt from the IP allow-list check.
    if (restrictions.Enable && user.ID != tenant.OwnerId && !IPSecurity.IPSecurity.Verify(tenant))
    {
        throw new IPSecurityException();
    }

    return user;
}