/// <summary>
/// Binds the request to the user identified by <paramref name="userId"/> (or to nobody)
/// and records the result on the context.
/// </summary>
/// <remarks>
/// No credential is verified here: the id is trusted as given, so callers must only
/// pass an id that has already been authenticated by other means.
/// </remarks>
/// <param name="context">Request context whose <c>User</c> and <c>Data[AuthUserKey]</c> are overwritten.</param>
/// <param name="userId">Id of the user to load from <c>context.Data["users"]</c>; <c>null</c> clears the identity.</param>
/// <returns>
/// The new <see cref="AuthenticatedUser"/>, or <c>null</c> when <paramref name="userId"/> is
/// <c>null</c> or the directory returns no user for it.
/// </returns>
public static async Task<AuthenticatedUser> SetAuthenticatedUserAsync(this HttpContext context, string userId)
{
    AuthenticatedUser resolved = null;

    if (userId != null)
    {
        // Load the account from the user directory kept in the context data.
        var directory = (Directory.Users)context.Data["users"];
        var found = await directory.GetUserAsync(userId);
        if (found != null)
        {
            resolved = new AuthenticatedUser { user = found };
        }
    }

    // Both slots are always rewritten, so a null or unknown id wipes any identity
    // that was attached to this context before.
    if (resolved == null)
    {
        context.User = null;
    }
    else
    {
        context.User = resolved.Name;
    }
    context.Data[AuthUserKey] = resolved;

    return resolved;
}
} // NOTE(review): this brace closes a scope that opens outside this excerpt
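/// <summary>
/// Works out who is making the request and caches the answer on the context.
/// </summary>
/// <remarks>
/// Sources are tried in this order and the first one that yields an identity wins:
/// the session store, HTTP Basic credentials (checked against applications, then users),
/// and finally the <c>app_id</c> / <c>app_key</c> query-string pair (applications only).
/// The outcome, including <c>null</c> for an anonymous request, is stored under
/// <c>AuthUserKey</c>, so later calls on the same context return it without re-checking.
/// A malformed <c>Authorization</c> header (no credentials part, invalid Base64, no ':'
/// separator) is treated as if no Basic credentials were sent, so a client-controlled
/// header cannot make this method throw.
/// </remarks>
/// <param name="context">Request context providing the headers, query string and the
/// <c>sessions</c>, <c>users</c> and <c>applications</c> services in <c>Data</c>.</param>
/// <returns>The authenticated user or application, or <c>null</c> when nothing matched.</returns>
public static async Task<AuthenticatedUser> GetAuthenticatedUserAsync(this HttpContext context)
{
    // Reuse the result computed earlier for this request; a cached null means "anonymous".
    if (context.Data.ContainsKey(AuthUserKey))
    {
        return context.Data[AuthUserKey] as AuthenticatedUser;
    }

    AuthenticatedUser authUser = null;

    // 1. Session: ask the session store which user, if any, owns this request.
    var userId = await ((Sessions)context.Data["sessions"]).GetAuthenticatedUserAsync(context);
    if (userId != null)
    {
        var user = await ((Directory.Users)context.Data["users"]).GetUserAsync(userId);
        if (user != null)
        {
            authUser = new AuthenticatedUser { user = user };
        }
    }

    // 2. HTTP Basic authorization.
    // NOTE(review): Basic credentials are only Base64-encoded; whether the transport
    // is protected (TLS) cannot be seen from this method - confirm at the listener.
    if ((authUser == null) && context.Request.Headers.ContainsKey("authorization"))
    {
        var parts = context.Request.Headers["authorization"].Split(new char[] { ' ' }, 2, StringSplitOptions.RemoveEmptyEntries);

        // The header is client-controlled: require both "<scheme> <credentials>" parts
        // before indexing, otherwise an empty or scheme-only value would throw.
        if ((parts.Length == 2) && (parts[0].ToLowerInvariant() == "basic"))
        {
            string authorization = null;
            try
            {
                authorization = Encoding.UTF8.GetString(Convert.FromBase64String(parts[1]));
            }
            catch (FormatException)
            {
                // Credentials are not valid Base64: ignore the header rather than
                // failing the request with an unhandled exception.
            }

            var pos = (authorization != null) ? authorization.IndexOf(':') : -1;
            if (pos != -1)
            {
                // Split on the first ':' only, so the password itself may contain ':'.
                var login = authorization.Substring(0, pos);
                var password = authorization.Substring(pos + 1);

                // Applications are checked first.
                // NOTE(review): the user path below goes through RateLimitedCheckPasswordAsync,
                // while this call does not; confirm Applications.CheckPasswordAsync throttles
                // failed attempts itself.
                var app = await ((Applications)context.Data["applications"]).CheckPasswordAsync(login, password);
                if (app != null)
                {
                    authUser = new AuthenticatedUser { application = app };
                }

                // Then users, through the rate-limited password check.
                if (authUser == null)
                {
                    userId = await ((Users)context.Data["users"]).RateLimitedCheckPasswordAsync(context, login, password);
                    if (userId != null)
                    {
                        var user = await ((Users)context.Data["users"]).GetUserAsync(userId);
                        if (user != null)
                        {
                            authUser = new AuthenticatedUser { user = user };
                        }
                    }
                }
            }
        }
    }

    // 3. Query-string authentication (applications only).
    // NOTE(review): an app_key sent in the URL tends to be recorded in access logs,
    // proxies, browser history and Referer headers; kept for compatibility, but the
    // Authorization header is the safer channel. The same rate-limiting question as
    // above applies to this CheckPasswordAsync call.
    if ((authUser == null) && context.Request.QueryString.ContainsKey("app_id") && context.Request.QueryString.ContainsKey("app_key"))
    {
        var login = context.Request.QueryString["app_id"];
        var password = context.Request.QueryString["app_key"];

        var app = await ((Applications)context.Data["applications"]).CheckPasswordAsync(login, password);
        if (app != null)
        {
            authUser = new AuthenticatedUser { application = app };
        }
    }

    // Publish the result, null included, so the lookups above run once per request.
    context.User = (authUser != null) ? authUser.Name : null;
    context.Data[AuthUserKey] = authUser;
    return authUser;
}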