/// <summary>
/// Starts or performs a login for the credentials carried by <paramref name="input"/>,
/// depending on the configured authentication mode.
/// </summary>
/// <param name="input">Login form model; its LoginError and RedirectUrlAfterLogin members are updated in place.</param>
/// <param name="context">Current HTTP context, used for the OWIN context, the request URL and the return URL.</param>
/// <returns>The same <paramref name="input"/> instance.</returns>
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
    input.LoginError = false;

    bool claimsMode = Config.Get<SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims;
    if (!claimsMode)
    {
        // Non-claims mode: the credentials are checked synchronously and the outcome is written to the model.
        User authenticatedUser;
        UserLoggingReason outcome = SecurityManager.AuthenticateUser(
            this.MembershipProvider,
            input.UserName,
            input.Password,
            input.RememberMe,
            out authenticatedUser);

        if (outcome == UserLoggingReason.Success)
        {
            // NOTE(review): GetReturnURL is not shown here; confirm it only yields URLs on trusted hosts,
            // because the value is used as the post-login redirect target.
            input.RedirectUrlAfterLogin = this.GetReturnURL(context);
        }
        else
        {
            input.LoginError = true;
        }

        return input;
    }

    // Claims mode: the credentials are handed over through an OWIN challenge. No result is
    // available in this method, so LoginError stays false on this path.
    var owin = context.Request.GetOwinContext();
    var challenge = ChallengeProperties.ForLocalUser(
        input.UserName,
        input.Password,
        this.MembershipProvider,
        input.RememberMe,
        context.Request.Url.ToString());
    challenge.RedirectUri = this.GetReturnURL(context);
    owin.Authentication.Challenge(challenge, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);

    return input;
}
/// <summary>
/// Starts or performs a login for the credentials carried by <paramref name="input"/>.
/// In claims mode the URL passed to the challenge as the last ForLocalUser argument is
/// built from the referring page when one is present, otherwise from the request URL.
/// </summary>
/// <param name="input">Login form model; its LoginError and RedirectUrlAfterLogin members are updated in place.</param>
/// <param name="context">Current HTTP context.</param>
/// <returns>The same <paramref name="input"/> instance.</returns>
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
    input.LoginError = false;

    bool claimsMode = Config.Get<SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims;
    if (!claimsMode)
    {
        User authenticatedUser;
        UserLoggingReason outcome = SecurityManager.AuthenticateUser(
            this.MembershipProvider,
            input.UserName,
            input.Password,
            input.RememberMe,
            out authenticatedUser);

        if (outcome == UserLoggingReason.Success)
        {
            input.RedirectUrlAfterLogin = this.GetReturnURL(context);
        }
        else
        {
            input.LoginError = true;
        }

        return input;
    }

    var owin = context.Request.GetOwinContext();

    // NOTE(review): UrlReferrer is taken from the request's Referer header, which the client
    // controls. What ForLocalUser and the middleware do with this URL is not visible here; if it
    // is followed as a redirect after a failed login, confirm it is limited to this site's own hosts.
    string errorRedirectUrl = context.Request.UrlReferrer?.AbsoluteUri;
    if (errorRedirectUrl == null)
    {
        errorRedirectUrl = context.Request.Url.ToString();
    }
    else
    {
        // Carry the controller name from the current request over to the referrer URL's query string.
        var controllerName = context.Request.Params[MvcControllerProxy.ControllerKey];
        if (controllerName != null)
        {
            var builder = new UriBuilder(errorRedirectUrl);
            var queryValues = HttpUtility.ParseQueryString(builder.Query);
            queryValues[LoginControllerKey] = controllerName;
            builder.Query = queryValues.ToString();
            errorRedirectUrl = builder.ToString();
        }
    }

    var challenge = ChallengeProperties.ForLocalUser(
        input.UserName,
        input.Password,
        this.MembershipProvider,
        input.RememberMe,
        errorRedirectUrl);
    challenge.RedirectUri = this.GetReturnURL(context);
    owin.Authentication.Challenge(challenge, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);

    return input;
}
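/// <summary>
/// Makes sure a local account named "facebook_user" + <c>model.UserId</c> exists in the given
/// provider, then logs that account in.
/// </summary>
/// <param name="model">Facebook profile data; UserId and Email are used for the local account.</param>
/// <param name="userProvider">Name of the membership provider that stores the account.</param>
/// <returns>
/// <c>Registered</c> when a new account was created, <c>LoggedIn</c> when the account already
/// existed, <c>Failed</c> when account creation did not succeed.
/// </returns>
public static SocialMediaConnectStatus Register(FacebookUserModel model, string userProvider)
{
    SocialMediaConnectStatus connectStatus = SocialMediaConnectStatus.LoggedIn;
    string userName = "facebook_user" + model.UserId;

    var userManager = UserManager.GetManager(userProvider);

    // Security checks are suppressed only for the lookup/creation below. The previous value is
    // restored in finally so the provider is never left with checks disabled, including when the
    // user already exists or when creation throws.
    bool previousSuppression = userManager.Provider.SuppressSecurityChecks;
    userManager.Provider.SuppressSecurityChecks = true;
    try
    {
        if (!userManager.UserExists(userName))
        {
            // NOTE(review): the password is derived from the Facebook user id through Encrypt (not
            // shown), and the security question/answer are fixed strings. If Encrypt is deterministic
            // or uses a shared key, the credential is predictable from a public identifier, and a fixed
            // answer weakens any question-based recovery. Confirm, and prefer a random per-account secret.
            System.Web.Security.MembershipCreateStatus status;
            var user = userManager.CreateUser(userName, Encrypt(model.UserId), model.Email, "Question1", "Answer1", true, null, out status);

            // Check the outcome before touching the created user, so a failed creation
            // is reported as Failed instead of failing on a missing user object.
            if (status != MembershipCreateStatus.Success || user == null)
            {
                return SocialMediaConnectStatus.Failed;
            }

            userManager.SaveChanges();

            // TODO: map the Facebook model to a Sitefinity profile (first/last name, avatar, birthday,
            // location, gender) and assign roles; only the membership record is stored at the moment.
            connectStatus = SocialMediaConnectStatus.Registered;
        }
    }
    finally
    {
        userManager.Provider.SuppressSecurityChecks = previousSuppression;
    }

    // NOTE(review): a login against the "Default" provider happens before the login against
    // userProvider, and neither result is inspected. Confirm the first call is intended; it
    // could address a different account store than the one the user was created in.
    Login(model, "Default");
    Login(model, userProvider);

    return connectStatus;
}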
/// <summary>
/// Starts or performs a login for the credentials carried by <paramref name="input"/>.
/// An OWIN challenge is issued when claims mode is configured and the current authentication
/// module's protocol is not "Default"; otherwise the credentials are checked directly.
/// </summary>
/// <param name="input">Login form model; its LoginError and RedirectUrlAfterLogin members are updated in place.</param>
/// <param name="context">Current HTTP context.</param>
/// <returns>The same <paramref name="input"/> instance.</returns>
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
    input.LoginError = false;
    string errorRedirectUrl = GetErrorRedirectUrl(context);

    bool challengeThroughOwin =
        Config.Get<SecurityConfig>().AuthenticationMode == SecConfig.AuthenticationMode.Claims
        && ClaimsManager.CurrentAuthenticationModule.AuthenticationProtocol != "Default";

    if (challengeThroughOwin)
    {
        var owin = context.Request.GetOwinContext();
        var challenge = ChallengeProperties.ForLocalUser(
            input.UserName,
            input.Password,
            this.MembershipProvider,
            input.RememberMe,
            errorRedirectUrl);
        challenge.RedirectUri = this.GetReturnURL(context);
        owin.Authentication.Challenge(challenge, ClaimsManager.CurrentAuthenticationModule.STSAuthenticationType);
        return input;
    }

    // NOTE(review): GetReturnURL and GetErrorRedirectUrl are not shown; confirm both limit their
    // result to trusted hosts, since the values are used as redirect targets below.
    var redirectUrl = this.GetReturnURL(context);

    User user;
    UserLoggingReason outcome = SecurityManager.AuthenticateUser(
        this.MembershipProvider,
        input.UserName,
        input.Password,
        input.RememberMe,
        out user);

    bool defaultProtocol = ClaimsManager.CurrentAuthenticationModule.AuthenticationProtocol == "Default";

    if (outcome == UserLoggingReason.Success)
    {
        if (defaultProtocol)
        {
            redirectUrl = RemoveErrorParameterFromQuery(redirectUrl);
        }

        input.RedirectUrlAfterLogin = redirectUrl;

        // NOTE(review): sign-in goes through SystemManager.CurrentHttpContext, not the context
        // parameter, and no identity is passed to SignIn. Presumably AuthenticateUser has already
        // established the identity for the current request; confirm.
        SystemManager.CurrentHttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties { RedirectUri = redirectUrl });
        return input;
    }

    if (defaultProtocol)
    {
        errorRedirectUrl = AddErrorParameterToQuery(errorRedirectUrl);
        SFClaimsAuthenticationManager.ProcessRejectedUserForDefaultClaimsLogin(context, outcome, user, input.RememberMe, redirectUrl, errorRedirectUrl);
    }

    input.LoginError = true;
    return input;
}
/// <summary>
/// Chooses which panel of the login control to show after a login attempt that did not
/// simply succeed, based on <paramref name="reason"/> and the user's last recorded activity.
/// </summary>
/// <param name="isAdmin">Whether the user who is logging in is an administrator.</param>
/// <param name="reason">Outcome reported for the login attempt.</param>
protected void PrepareWorkflowPanels(bool isAdmin, UserLoggingReason reason)
{
    // NOTE(review): this method reaches into the CMS through reflection (types resolved by name,
    // non-public instance methods invoked by name). Type.GetType and GetMethod return null when a
    // name no longer resolves, which would surface here as a NullReferenceException in the login
    // path; re-verify these names after every product upgrade.
    const BindingFlags PrivateInstance = BindingFlags.NonPublic | BindingFlags.Instance;

    Type securityManagerType = Type.GetType("Telerik.Sitefinity.Security.SecurityManager, Telerik.Sitefinity");
    var exposedSecurityManager = ExposedObject.Exposed.From(securityManagerType);
    Type loginFormType = Type.GetType("Telerik.Sitefinity.Security.Web.UI.LoginForm, Telerik.Sitefinity");

    LoginPanel.Visible = false;

    // Equivalent of calling the non-public BuildAuthTicket(isAdmin) on this instance.
    MethodInfo buildAuthTicket = loginFormType.GetMethod("BuildAuthTicket", PrivateInstance);
    this.AuthTicket = buildAuthTicket.Invoke(this, new object[] { isAdmin }) as string;

    Type userActivityManagerType = Type.GetType("Telerik.Sitefinity.Security.UserActivityManager, Telerik.Sitefinity");
    MethodInfo getManager = userActivityManagerType.GetMethod("GetManager", Type.EmptyTypes);
    dynamic activityManager = getManager.Invoke(null, new object[0]);
    var userActivity = activityManager.Provider.GetUserActivity(this.currentUser.Id, this.currentUser.ProviderName);

    if (reason == UserLoggingReason.UserLimitReached)
    {
        // The limit of concurrently logged-in users is reached. An administrator picks
        // which user gets logged off; everyone else is denied.
        if (!isAdmin)
        {
            DisplayDenyLogin();
            return;
        }

        this.Mode = AdminLogsOutUser;
        BindLoggedInUsersList();
        UserListPanel.Visible = true;
        return;
    }

    if (userActivity.LastActivityDate >= exposedSecurityManager.ExpiredSessionsLastLoginDate)
    {
        // The user is still active elsewhere (another computer or browser): offer self-logout.
        // Equivalent of calling the non-public SetSelfLogoutMode(currentUser, UserAlreadyLoggedIn).
        MethodInfo setSelfLogoutMode = loginFormType.GetMethod("SetSelfLogoutMode", PrivateInstance);
        setSelfLogoutMode.Invoke(this, new object[] { this.currentUser, UserAlreadyLoggedIn });
        return;
    }

    // The earlier session has expired: show the login panel again.
    this.Mode = string.Empty;
    LoginPanel.Visible = true;
    SelfLogoffPanel.Visible = false;
}
/// <inheritDoc/>
public virtual LoginFormViewModel Authenticate(LoginFormViewModel input, HttpContextBase context)
{
    User user;
    UserLoggingReason outcome = SecurityManager.AuthenticateUser(
        this.MembershipProvider,
        input.UserName,
        input.Password,
        input.RememberMe,
        out user);

    // NOTE(review): this block runs whenever a user object and a Sitefinity identity are present,
    // without looking at the login outcome. Confirm that issuing the principal's token is intended
    // for outcomes other than Success.
    var identity = ClaimsManager.GetCurrentIdentity();
    bool hasSitefinityIdentity = user != null && identity != null && identity.OriginalIdentity is SitefinityIdentity;
    if (hasSitefinityIdentity)
    {
        IClaimsPrincipal principal = new ClaimsPrincipal(new[] { new ClaimsIdentity(identity.Claims) });
        var credentials = new FederatedServiceCredentials(FederatedAuthentication.ServiceConfiguration);
        principal = credentials.ClaimsAuthenticationManager.Authenticate(context.Request.RequestType, principal);
        SitefinityClaimsAuthenticationModule.Current.AuthenticatePrincipalWithCurrentToken(principal, input.RememberMe);
    }

    // Only the Unknown outcome is reported to the form as incorrect credentials.
    if (outcome == UserLoggingReason.Unknown)
    {
        input.IncorrectCredentials = true;
        return input;
    }

    // NOTE(review): the redirect target is taken from the referrer when it can be resolved.
    // TryResolveUrlFromUrlReferrer is not shown; confirm it accepts only URLs of this site,
    // because the Referer header is supplied by the client.
    string redirectUrl;
    bool resolvedFromReferrer = this.TryResolveUrlFromUrlReferrer(context, out redirectUrl);
    if (!resolvedFromReferrer)
    {
        redirectUrl = this.GetPageUrl(this.LoginRedirectPageId);
    }

    input.RedirectUrlAfterLogin = redirectUrl;

    // Every remaining outcome other than Success is handed to the rejected-user handling.
    if (outcome != UserLoggingReason.Success)
    {
        SFClaimsAuthenticationManager.ProcessRejectedUser(context, input.RedirectUrlAfterLogin);
    }

    return input;
}