protected void LoginControll_LoggedIn(object sender, EventArgs e)
{
var targetUrl = GetPostLoginUrl();
var userName = ((Login)sender).UserName;
if (this._ssoEnabled)
{
this.GetCookie().Value = CryptoApi.Crypt(userName, "sensenet60beta1", "SenseNetContentRepository");
}
if (OnUserLoggedIn != null)
{
OnUserLoggedIn(sender, e);
}
SnLog.WriteAudit(AuditEvent.LoginSuccessful,
new Dictionary <string, object>
{
{ "UserName", userName },
{ "ClientAddress", RepositoryTools.GetClientIpAddress() }
});
LoginExtender.OnLoggedIn(new LoginInfo {
UserName = userName
});
HttpContext.Current.Response.Redirect(targetUrl);
}
public override string EvaluateTemplate(string templateName, string templateExpression, object templatingContext)
{
switch (templateName)
{
case "currentdate":
return(DateTime.Today.ToShortDateString());
case "currenttime":
return(EvaluateExpression(DateTime.UtcNow, templateExpression, templatingContext));
case "currentuser":
return(EvaluateExpression(User.Current as GenericContent, templateExpression, templatingContext));
case "fullname":
return(TemplateManager.GetProperty(User.Current as GenericContent, "FullName"));
case "email":
return(TemplateManager.GetProperty(User.Current as GenericContent, "Email"));
case "ipaddress":
return(RepositoryTools.GetClientIpAddress());
default:
return(base.EvaluateTemplate(templateName, templateExpression, templatingContext));
}
}
/// <summary>
/// Logs out the current user.
/// </summary>
/// <param name="ultimateLogout">Whether this should be an ultimate logout. If set to True, the user will be logged out from all clients.</param>
public static void Logout(bool ultimateLogout = false)
{
var user = User.Current;
var info = new CancellableLoginInfo {
UserName = user.Username
};
LoginExtender.OnLoggingOut(info);
if (info.Cancel)
{
return;
}
FormsAuthentication.SignOut();
AccessTokenVault.DeleteTokensByUser(user.Id);
SnLog.WriteAudit(AuditEvent.Logout,
new Dictionary <string, object>
{
{ "UserName", user.Username },
{ "ClientAddress", RepositoryTools.GetClientIpAddress() }
});
LoginExtender.OnLoggedOut(new LoginInfo {
UserName = user.Username
});
if (HttpContext.Current != null)
{
if (HttpContext.Current.Session != null)
{
HttpContext.Current.Session.Abandon();
}
// remove session cookie
var sessionCookie = new HttpCookie(GetSessionIdCookieName(), string.Empty)
{
Expires = DateTime.UtcNow.AddDays(-1)
};
HttpContext.Current.Response.Cookies.Add(sessionCookie);
// in case of ultimate logout saves the time on user
if (ultimateLogout || Configuration.Security.DefaultUltimateLogout)
{
using (new SystemAccount())
{
if (user is User userNode)
{
userNode.LastLoggedOut = DateTime.UtcNow;
userNode.Save(SavingMode.KeepVersion);
}
}
}
}
}
protected void LoginStatus_LoggedOut(object sender, EventArgs e)
{
SnLog.WriteAudit(AuditEvent.Logout,
new Dictionary <string, object>
{
{ "UserName", User.Current.Username },
{ "ClientAddress", RepositoryTools.GetClientIpAddress() }
});
if (OnUserLoggedOut != null)
{
OnUserLoggedOut(sender, e);
}
LoginExtender.OnLoggedOut(new LoginInfo {
UserName = User.Current.Username
});
}
public static void Logout()
{
var info = new CancellableLoginInfo {
UserName = User.Current.Username
};
LoginExtender.OnLoggingOut(info);
if (info.Cancel)
{
return;
}
FormsAuthentication.SignOut();
SnLog.WriteAudit(AuditEvent.Logout,
new Dictionary <string, object>
{
{ "UserName", User.Current.Username },
{ "ClientAddress", RepositoryTools.GetClientIpAddress() }
});
LoginExtender.OnLoggedOut(new LoginInfo {
UserName = User.Current.Username
});
if (HttpContext.Current != null)
{
if (HttpContext.Current.Session != null)
{
HttpContext.Current.Session.Abandon();
}
// remove session cookie
var sessionCookie = new HttpCookie(GetSessionIdCookieName(), string.Empty)
{
Expires = DateTime.UtcNow.AddDays(-1)
};
HttpContext.Current.Response.Cookies.Add(sessionCookie);
}
}
protected void Login_LoginError(object sender, EventArgs e)
{
var login = sender as Login;
var userNameControl = this.FindControlRecursive("UserName");
var userNameTextBox = userNameControl as TextBox;
string userName = null;
if (userNameTextBox != null)
{
userName = userNameTextBox.Text;
if (!userName.Contains("\\"))
{
// add default domain for logging reasons
var domain = (string.IsNullOrEmpty(this.DefaultDomain)
? IdentityManagement.DefaultDomain
: this.DefaultDomain)
?? string.Empty;
userName = string.Concat(domain, "\\", userName);
}
SnLog.WriteAudit(AuditEvent.LoginUnsuccessful,
new Dictionary <string, object>
{
{ "UserName", userName },
{ "ClientAddress", RepositoryTools.GetClientIpAddress() }
});
}
var info = new LoginInfo {
UserName = userName, Message = login.FailureText
};
LoginExtender.OnLoginError(info);
_message = info.Message;
}
public static object Login(Content content, string username, string password)
{
if (string.IsNullOrEmpty(username))
{
Logout();
throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
}
if (Membership.ValidateUser(username, password))
{
// we need to work with the full username that contains the domain: SetAuthCookie expects that
if (!username.Contains("\\"))
{
username = IdentityManagement.DefaultDomain + "\\" + username;
}
if (User.Current.IsAuthenticated)
{
// if this is the user that is already logged in, return with a success code
if (string.CompareOrdinal(User.Current.Username, username) == 0)
{
using (new SystemAccount())
{
FormsAuthentication.SetAuthCookie(username, true);
return(Content.Create(User.Load(username) as User));
}
}
// logged in as a different user: we have to log out first
Logout();
}
var info = new CancellableLoginInfo {
UserName = username
};
LoginExtender.OnLoggingIn(info);
if (info.Cancel)
{
throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
}
SnLog.WriteAudit(AuditEvent.LoginSuccessful, new Dictionary <string, object>
{
{ "UserName", username },
{ "ClientAddress", RepositoryTools.GetClientIpAddress() }
});
LoginExtender.OnLoggedIn(new LoginInfo {
UserName = username
});
using (new SystemAccount())
{
FormsAuthentication.SetAuthCookie(username, true);
return(Content.Create(User.Load(username) as User));
}
}
throw new OData.ODataException(OData.ODataExceptionCode.Forbidden);
}