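/// <summary>
/// Builds the "not authorized" exception, snapshotting the identifying details of the
/// session that attempted the operation and the roles that were required for it.
/// </summary>
/// <param name="sess">The session that made the request; its UserID and SessionID must have values.</param>
/// <param name="roles">The roles that would have permitted the operation; null is treated as empty.</param>
/// <exception cref="ArgumentNullException"><paramref name="sess"/> is null.</exception>
/// <exception cref="InvalidOperationException"><paramref name="sess"/> has no UserID or SessionID value.</exception>
public NotAuthorizedException(AppUserSession sess, List<string> roles)
    : base("You are not authorized to execute this operation.")
{
    if (sess == null)
    {
        throw new ArgumentNullException(nameof(sess));
    }

    // Copy the values rather than keeping the session: the exception should describe
    // the request as it was made, independent of later changes to the session object.
    this.UserID = sess.UserID.Value.ToString();
    this.SessionID = sess.SessionID.Value.ToString();
    this.Action = sess.Action;
    this.Controller = sess.Controller;
    this.URI = sess.URI;

    // ToArray() detaches from the caller's list; a null list used to throw NullReferenceException.
    this.Roles = roles == null ? Array.Empty<string>() : roles.ToArray();
}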
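/// <summary>
/// Ensures an anonymous session exists for the current request, creating and persisting one
/// (bound to the anonymous user from <c>SetAnonUser</c>) when <c>Session</c> is not yet set.
/// </summary>
/// <param name="requestContext">The current HTTP context; request headers populate the session record.</param>
/// <param name="ctx">The Web API controller context; route data supplies Action and Controller.</param>
/// <returns>The existing session if one is already set, otherwise the newly created anonymous session.</returns>
public AppUserSession StartAnonSession(HttpContext requestContext, System.Web.Http.Controllers.HttpControllerContext ctx)
{
    // Idempotent: an existing session (anonymous or authenticated) is returned untouched.
    if (this.Session != null)
    {
        return this.Session;
    }

    HttpRequest r = requestContext.Request;
    ApplicationUser u = this.SetAnonUser();
    DateTime now = DateTime.Now;

    AppUserSession session = new AppUserSession()
    {
        Created = now,
        Culture = CultureInfo.CurrentCulture.TwoLetterISOLanguageName,
        HostAddress = r.UserHostName,
        IPAddress = r.UserHostAddress,
        LoginCount = 0,
        Authenticated = false,
        HostName = r.UserHostName,
        Expires = now.AddDays(1),
        Token = Guid.NewGuid(),
        SessionID = Guid.NewGuid(),
        Mode = Shared.Enum.AuthMode.LOCAL,
        UserID = u.UserID,
        Active = true,
        // Route values may be absent; previously a missing key threw NullReferenceException.
        Action = ctx.RouteData.Values["action"]?.ToString(),
        Controller = ctx.RouteData.Values["controller"]?.ToString(),
        URI = r.Url.Query
    };

    // Browser capabilities are derived from client-supplied headers: informational only, and
    // may be null. The mobile-device check now sits inside the null guard (it used to be outside).
    var browser = r.Browser;
    if (browser != null)
    {
        session.Platform = browser.Platform;
        session.ScreenWidth = browser.ScreenPixelsWidth.ToString();
        session.ScreenHeight = browser.ScreenPixelsHeight.ToString();
        session.BrowserName = browser.Browser;
        session.UserAgent = browser.Browser; // NOTE(review): mirrors BrowserName; r.UserAgent may be the intended source — confirm
        if (browser.IsMobileDevice)
        {
            session.IsMobileDevice = true;
            session.MobileDeviceName = browser.MobileDeviceModel;
        }
    }

    this.Session = session;
    this.Db.AppUserSessions.Add(session);
    this.Db.SaveChanges();
    return session;
}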
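/// <summary>
/// Authenticates <paramref name="username"/>/<paramref name="password"/> against the local user store
/// and, on success, starts and persists an authenticated session; on failure, falls back to an
/// anonymous session.
/// </summary>
/// <param name="username">The user's e-mail address (matched against UserEmailAddress).</param>
/// <param name="password">The clear-text password supplied by the client.</param>
/// <param name="requestContext">The current HTTP context; request headers populate the session record.</param>
/// <param name="ctx">The Web API controller context; route data supplies Action and Controller.</param>
/// <returns>
/// The authenticated session (newly created, or the existing one when already authenticated),
/// or null when the credentials do not match.
/// </returns>
/// <exception cref="InvalidOperationException">The credentials match but the user has no roles.</exception>
public AppUserSession Login(string username, string password, System.Web.HttpContext requestContext, System.Web.Http.Controllers.HttpControllerContext ctx)
{
    // An already-authenticated session is reused as-is; an anonymous one is replaced below.
    if (this.Session != null && this.Session.Authenticated)
    {
        return this.Session;
    }

    System.Web.HttpRequest r = requestContext.Request;

    // SECURITY: unsalted MD5 is not a suitable password hash (fast to brute-force, no per-user salt).
    // Left in place because the stored credentials are in this format; moving to a slow salted
    // KDF (PBKDF2/bcrypt/Argon2) needs a re-hash-on-login migration and is out of scope here.
    string pass = GetMd5Hash(this.MD5Hasher, password);
    ApplicationUser authUser = this.Db.ApplicationUsers
        .Where(w => w.UserEmailAddress == username && w.UserPassword == pass)
        .FirstOrDefault();

    if (authUser == null)
    {
        // Failed login: drop any cached identity and make sure at least an anonymous session exists.
        this.HasAuth = false;
        this.CurrentUser = null;
        this.CurrentUserRoles = null;
        this.StartAnonSession(requestContext, ctx);
        return null;
    }

    authUser.Roles = this.Db.U2R
        .Where(w => w.UserID == authUser.UserID)
        .Select(s => s.Role)
        .ToList();

    // Validate roles BEFORE touching login state, so the throw cannot leave HasAuth/CurrentUser
    // set for a user who never received a session (the original threw after setting them).
    if (!authUser.Roles.Any())
    {
        throw new InvalidOperationException($"None of the roles for the user {authUser.UserName} where found.");
    }

    DateTime now = DateTime.Now;
    AppUserSession session = new AppUserSession()
    {
        Authorized = false,
        Authenticated = true,
        Created = now,
        Culture = CultureInfo.CurrentCulture.TwoLetterISOLanguageName,
        HostAddress = r.UserHostName,
        IPAddress = r.UserHostAddress,
        LoginCount = 1,
        HostName = r.UserHostName,
        Expires = now.AddDays(1),
        Token = Guid.NewGuid(),
        SessionID = Guid.NewGuid(),
        Mode = Shared.Enum.AuthMode.LOCAL,
        UserID = authUser.UserID,
        Active = true,
        // Route values may be absent; previously a missing key threw NullReferenceException.
        Action = ctx.RouteData.Values["action"]?.ToString(),
        Controller = ctx.RouteData.Values["controller"]?.ToString(),
        URI = "SECURE"
    };

    // Browser capabilities are derived from client-supplied headers: informational only, and
    // may be null (the original dereferenced Browser unconditionally).
    var browser = r.Browser;
    if (browser != null)
    {
        session.Platform = browser.Platform;
        session.ScreenWidth = browser.ScreenPixelsWidth.ToString();
        session.ScreenHeight = browser.ScreenPixelsHeight.ToString();
        session.BrowserName = browser.Browser;
        session.UserAgent = browser.Browser; // NOTE(review): mirrors BrowserName; r.UserAgent may be the intended source — confirm
        if (browser.IsMobileDevice)
        {
            session.IsMobileDevice = true;
            session.MobileDeviceName = browser.MobileDeviceModel;
        }
    }

    this.CurrentUser = authUser;
    this.CurrentUserRoles = authUser.Roles;
    this.HasAuth = true;
    this.Session = session;
    this.Db.AppUserSessions.Add(session);
    this.Db.SaveChanges();
    return session;
}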
/// <summary>
/// Reports whether <paramref name="sess"/> has passed its expiry time (compared against local time,
/// matching the <c>DateTime.Now</c> used when the session was created).
/// </summary>
/// <param name="sess">The session to check.</param>
/// <returns>True when <c>sess.Expires</c> is strictly earlier than now; otherwise false.</returns>
public bool IsExpired(AppUserSession sess)
{
    return sess.Expires < DateTime.Now;
}
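/// <summary>
/// Reports whether <paramref name="session"/> expires within the next hour (or has already expired),
/// and records the result in <c>IsAlmostExpired</c>.
/// </summary>
/// <param name="session">The session to check.</param>
/// <returns>True when <c>session.Expires</c> is no later than one hour from now; otherwise false.</returns>
public bool AlmostExpired(AppUserSession session)
{
    // The previous test (Expires > Now - 1h) was true for practically every live session,
    // including a freshly created one with a day left; "almost expired" means the expiry is
    // at most one hour away.
    bool almost = session.Expires <= DateTime.Now.AddHours(1);
    this.IsAlmostExpired = almost;
    return almost;
}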