public void Login(string pUserName, string pPassword, bool pMFAEnabled) { /* MFA Enabled durumda Login işlemi sırasında sadece Authentication yapılır, authorization yapılmaz * MFA disabled ise Login işlemi sırasnda hem Authentication hem Authorization gerçekleştirilir */ try { PxSession session = PxSession.Current; PxPrincipalInfo principalInfo; PxCredentialInfo credentials = new PxCredentialInfo(); //TODO: pUserName ve pPassword geldiği haliyle kullanılmamalı! Validate edilmeli credentials.UserName = pUserName; credentials.Password = pPassword; principalInfo = this.Authentication.Login(credentials); if (!pMFAEnabled) { principalInfo.Authorization = this.Authorization.Authorize(principalInfo.UserId); } session.Principal = principalInfo; session.Save(); } catch (Exception ex) { Logging.Loggers.PxErrorLogger.Log(ex); throw; } }
/// <summary> /// /// </summary> /// <param name="credential"></param> public PxPrincipalInfo Login(PxCredentialInfo credential) { User user = null; PxPrincipalInfo info = null; PxSession axSession = PxSession.Get(); try { using (TransactionScope scope = new TransactionScope()) { using (PeakDbContext dbContext = new PeakDbContext()) { user = dbContext.Users.FirstOrDefault(x => x.Code == credential.UserName); if (user == null) { throw AuthExceptions.InvalidUserNameOrPassword(); } if (user.PasswordState == PasswordState.Blocked) { throw AuthExceptions.UserHasBeenLocked(); } string pwd = Toolkit.Instance.Security.GetSecureHash(credential.Password, user.PasswordSalt, Encoding.UTF8, HashFormat.Base64); if (user.Password != pwd) { user.PasswordTryCount++; if (user.PasswordTryCount > PxConfigurationManager.PxConfig.Authentication.Policy.IncorrectPasswordCount) { user.PasswordState = PasswordState.Blocked; } dbContext.SaveChanges(); if (user.PasswordState == PasswordState.Blocked) { throw AuthExceptions.UserHasBeenLocked(); } throw AuthExceptions.InvalidUserNameOrPassword(); } if (user.CancelDate.HasValue && user.CancelDate <= DateTime.Now) { throw AuthExceptions.InvalidUserNameOrPassword(); } // kullanıcı henüz aktive edilmediyse hata at. if (user.StartDate > DateTime.Now) { throw AuthExceptions.UserActivationIsNotStartedYet(); } // kullanıcı aktivasyonu sona ermişse hata at. if (user.EndDate.HasValue && user.EndDate < DateTime.Now) { throw AuthExceptions.UserActivationIsEnded(); } string sessionKey = Toolkit.Instance.CreateUniqueId(); ActiveSession activeSession = new ActiveSession() { Ip = axSession.Client.IPAddress, OpenDate = DateTime.Now, SessionKey = sessionKey, BrowserUserAgent = axSession.Client.BrowserUserAgent, UserId = user.Id }; dbContext.ActiveSessions.Add(activeSession); user.PasswordTryCount = 0; dbContext.SaveChanges(); info = new PxPrincipalInfo(); info.Authentication.ExpireDate = DateTime.Now.AddMinutes(PxConfigurationManager.PxConfig.Session.DefaultExpireDuration); info.Authentication.Token = sessionKey; info.Authentication.Timeout = PxConfigurationManager.PxConfig.Session.DefaultTimeoutDuration; if (!PxConfigurationManager.PxConfig.Authentication.MultiFA.Enabled) { info.Authentication.IsAuthenticated = true; } info.Authentication.IsPasswordMustChanged = user.IsPwdMustChange; info.Authentication.Name = user.Name; info.CultureCode = user.CultureCode; info.UserName = user.Code; info.EmailAddress = user.Email; info.UserId = user.Id; info.ProfileImage = user.Image; info.MiddleName = user.MiddleName; info.Name = user.Name; info.PhoneNumber = user.PhoneNumber; info.Surname = user.Surname; } scope.Complete(); } axSession.Principal = info; this.authorizeAndGetMenu(axSession); //Authorization verisi ve ana menu bilgileri alınıyor PxSession.Save(axSession); return(info); } catch { //Başarısız oturum denemeleri tablosuna kayıt atılıyor. using (PeakDbContext dbContext = new PeakDbContext()) { UnsuccessfulSession unSuccesfulSession = new UnsuccessfulSession() { UserId = user != null ? user.Id : 0, Ip = axSession.Client.IPAddress, Date = DateTime.Now, BrowserUserAgent = axSession.Client.BrowserUserAgent }; dbContext.UnsuccessfulSessions.Add(unSuccesfulSession); dbContext.SaveChanges(); } throw; } }