예제 #1
        /// <summary>
        /// Resolves the id of the user signed into a specific user area, regardless of
        /// the ambient authentication scheme. Useful in multi-user-area scenarios where
        /// the ambient user must be ignored and permissions are checked against one
        /// particular user area.
        /// </summary>
        /// <param name="userAreaCode">The unique identifying code of the user area to check for.</param>
        /// <returns>
        /// The user id for the area, or null when authentication against the area's
        /// scheme does not succeed, when the authenticated principal carries no
        /// NameIdentifier claim, or when IntParser.ParseOrNull yields null for the claim value.
        /// </returns>
        /// <exception cref="ArgumentNullException">Thrown when userAreaCode is null.</exception>
        public async Task<int?> GetUserIdByUserAreaCodeAsync(string userAreaCode)
        {
            if (userAreaCode == null)
            {
                throw new ArgumentNullException(nameof(userAreaCode));
            }

            // A cached id for the same area is returned without re-running authentication.
            // NOTE(review): the cache lives on this service instance; confirm the service is
            // registered with a per-request lifetime so a cached id cannot outlive the request.
            if (userIdCache.HasValue && cachedUserIdArea == userAreaCode)
            {
                return userIdCache.Value;
            }

            var areaScheme = CofoundryAuthenticationConstants.FormatAuthenticationScheme(userAreaCode);
            var authResult = await _httpContextAccessor.HttpContext.AuthenticateAsync(areaScheme);

            if (authResult.Succeeded)
            {
                // The id is read only from the principal produced by a successful
                // authentication against the area's own scheme.
                var idClaim = authResult.Principal.FindFirst(ClaimTypes.NameIdentifier);

                if (idClaim != null)
                {
                    return IntParser.ParseOrNull(idClaim.Value);
                }
            }

            return null;
        }
예제 #2
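        /// <summary>
        /// Logs the specified UserId into the current session by signing in a principal
        /// that carries a single NameIdentifier claim under the user area's authentication scheme.
        /// </summary>
        /// <param name="userAreaCode">Unique code of the user area to log the user into (required).</param>
        /// <param name="userId">UserId belonging to the owner of the current session; must be 1 or greater.</param>
        /// <param name="rememberUser">
        /// True if the session should last indefinitely; false if the
        /// session should close after a timeout period.
        /// NOTE(review): this flag is not read by the method body; every sign-in uses
        /// _defaultAuthenticationProperties, so session persistence does not vary per call.
        /// Confirm whether that is intended before relying on this parameter.
        /// </param>
        /// <returns>A task that completes once the sign-in has finished and the cache is updated.</returns>
        /// <exception cref="ArgumentNullException">Thrown synchronously when userAreaCode is null.</exception>
        /// <exception cref="ArgumentOutOfRangeException">Thrown synchronously when userId is less than 1.</exception>
        public Task LogUserInAsync(string userAreaCode, int userId, bool rememberUser)
        {
            // Argument checks stay outside the async local function so they are still
            // raised synchronously to the caller, as before.
            if (userAreaCode == null)
            {
                throw new ArgumentNullException(nameof(userAreaCode));
            }
            if (userId < 1)
            {
                throw new ArgumentOutOfRangeException(nameof(userId));
            }

            var stringId = Convert.ToString(userId);
            var scheme   = CofoundryAuthenticationConstants.FormatAuthenticationScheme(userAreaCode);

            var claims = new[] {
                new Claim(ClaimTypes.NameIdentifier, stringId),
            };

            var claimsIdentity = new ClaimsIdentity(claims, scheme);
            var userPrincipal  = new ClaimsPrincipal(claimsIdentity);

            return SignInThenCacheAsync();

            async Task SignInThenCacheAsync()
            {
                await _httpContextAccessor.HttpContext.SignInAsync(scheme, userPrincipal, _defaultAuthenticationProperties);

                // Record the user in the cache only after the sign-in has completed. Writing it
                // beforehand would leave the cache reporting this user as logged in even when
                // SignInAsync throws, and cached ids are returned without re-authenticating.
                userIdCache      = userId;
                cachedUserIdArea = userAreaCode;
            }
        }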
예제 #3
        /// <summary>
        /// Logs the user out of all user areas: clears the cached user id, then signs out
        /// of the authentication scheme of every user area returned by the repository.
        /// </summary>
        /// <remarks>
        /// Sign-outs are awaited one at a time with no exception handling, so a failure
        /// for one area stops the loop before the remaining areas are signed out.
        /// </remarks>
        /// <returns>A task that completes when every area has been signed out.</returns>
        public async Task LogUserOutOfAllUserAreasAsync()
        {
            // The cache is cleared before any sign-out call is made.
            ClearCache();

            foreach (var userArea in _userAreaDefinitionRepository.GetAll())
            {
                var areaScheme = CofoundryAuthenticationConstants.FormatAuthenticationScheme(userArea.UserAreaCode);

                await _httpContextAccessor.HttpContext.SignOutAsync(areaScheme);
            }
        }
예제 #4
        /// <summary>
        /// Logs the user out of the specified user area.
        /// </summary>
        /// <param name="userAreaCode">Unique code of the user area to log the user out of (required).</param>
        /// <returns>A task that completes when the sign-out for the area's scheme has finished.</returns>
        /// <exception cref="ArgumentNullException">Thrown when userAreaCode is null.</exception>
        public async Task LogUserOutAsync(string userAreaCode)
        {
            if (userAreaCode == null)
            {
                throw new ArgumentNullException(nameof(userAreaCode));
            }

            // The cache is only dropped when it holds the area being signed out,
            // and it is dropped before the sign-out call is made.
            var cacheHoldsThisArea = cachedUserIdArea == userAreaCode;
            if (cacheHoldsThisArea)
            {
                ClearCache();
            }

            var areaScheme = CofoundryAuthenticationConstants.FormatAuthenticationScheme(userAreaCode);

            await _httpContextAccessor.HttpContext.SignOutAsync(areaScheme);
        }
예제 #5
        /// <summary>
        /// Registers cookie authentication for every user area returned by the repository,
        /// picks one of them as the default scheme, and adds the authorization services.
        /// </summary>
        /// <param name="mvcBuilder">Builder whose service collection receives the registrations.</param>
        public void Configure(IMvcBuilder mvcBuilder)
        {
            var services     = mvcBuilder.Services;
            var allUserAreas = _userAreaDefinitionRepository.GetAll();

            // The default schema is the one flagged in config, falling back to
            // CofoundryAdminUserArea and then to name order. Additional areas are configured
            // by the implementor, so more than one flagged default indicates a misconfiguration.
            // First() throws if the repository returns no user areas at all.
            var rankedAreaCodes =
                from area in allUserAreas
                orderby area.IsDefaultAuthSchema descending,
                        (area is CofoundryAdminUserArea) descending,
                        area.Name
                select area.UserAreaCode;

            var defaultSchemaCode = rankedAreaCodes.First();
            var defaultScheme     = CofoundryAuthenticationConstants.FormatAuthenticationScheme(defaultSchemaCode);

            var authBuilder     = services.AddAuthentication(defaultScheme);
            var cookieNamespace = _authCookieNamespaceProvider.GetNamespace();

            foreach (var userAreaDefinition in allUserAreas)
            {
                var areaScheme = CofoundryAuthenticationConstants.FormatAuthenticationScheme(userAreaDefinition.UserAreaCode);

                // Each user area gets its own cookie (namespace + area code), so a ticket
                // issued for one area is stored separately from the others.
                authBuilder.AddCookie(areaScheme, options =>
                {
                    var cookie = options.Cookie;

                    cookie.Name        = cookieNamespace + userAreaDefinition.UserAreaCode;
                    cookie.HttpOnly    = true; // hidden from client-side script
                    cookie.IsEssential = true;
                    cookie.SameSite    = SameSiteMode.Lax;

                    // NOTE(review): Cookie.SecurePolicy is not set here, so the framework default
                    // applies. Confirm that production deployments only issue this cookie over HTTPS.

                    var loginPath = userAreaDefinition.LoginPath;
                    if (!string.IsNullOrWhiteSpace(loginPath))
                    {
                        options.LoginPath = loginPath;
                    }
                });
            }

            services.AddAuthorization();
        }
예제 #6
 /// <summary>
 /// Creates the attribute and sets AuthenticationSchemes to the scheme name
 /// derived from the given user area code.
 /// </summary>
 /// <param name="userAreaCode">
 /// Code of the user area whose authentication scheme should be used.
 /// NOTE(review): the value is passed to FormatAuthenticationScheme without a null
 /// check; confirm how that helper treats null.
 /// </param>
 public AuthorizeUserAreaAttribute(string userAreaCode)
 {
     var areaScheme = CofoundryAuthenticationConstants.FormatAuthenticationScheme(userAreaCode);

     AuthenticationSchemes = areaScheme;
 }