/// <summary> /// Only for development!! /// </summary> public async Task <bool> LoginDebugAsync(HttpContext context, string userId) { var user = await userRepository.GetSingleAsync(u => string.Equals(u.Userid, userId, StringComparison.OrdinalIgnoreCase)); if (user == null) { return(false); } if (user.Delstat != 0) { return(false); } if (user.Passwdexpr < DateTime.Now) { return(false); } var sessionData = SessionStore.GetSession(context); if (!await ProcessLoginAsync(context, sessionData.Sid, user)) { return(false); } return(true); }
private bool ValidateContext(HttpContext context, string key, out MembershipContext membershipContext, out IAuthorizationService authorizer) { membershipContext = null; authorizer = null; if (string.IsNullOrWhiteSpace(key)) { return(false); } var sessionData = SessionStore.GetSession(context, key); if (sessionData == null) { return(false); } membershipContext = sessionData.Context; if (membershipContext == null) { return(false); } authorizer = authorizerAdapter.Provider(); if (authorizer == null) { return(false); } return(true); }
public void GetSessionTest() { var session = SessionStore.CreateSession(TimeSpan.FromDays(1)); var guid = session.Guid; session = SessionStore.GetSession(guid); Assert.NotNull(session); }
public async Task <SessionData> GetSessionAsync(HttpContext context, string sid = null) { if (string.IsNullOrWhiteSpace(sid)) { sid = await GetSidFromContextAsync(context); } return(SessionStore.GetSession(context, sid)); }
private void InitializeSession() { if (this.Cookies.ContainsKey(SessionStore.SessionCookieKey)) { var cookie = this.Cookies.Get(SessionStore.SessionCookieKey); string sessionId = cookie.Value; this.Session = SessionStore.GetSession(sessionId); } }
public void SessionExpiryTest() { var session = SessionStore.CreateSession(TimeSpan.FromSeconds(1)); Thread.Sleep(TimeSpan.FromSeconds(2)); session = SessionStore.GetSession(session.Guid); Assert.Null(session); }
private async Task <string> GetSaltAsync(HttpContext context, string sid) { var sessionData = SessionStore.GetSession(context, sid); var plain = ToHex(Encoding.UTF8.GetBytes(Convert.ToBase64String(sessionData.Ipa))) + sessionData.Timestamp.ToString(); var saltBytes = Encoding.UTF8.GetBytes(Convert.ToBase64String(await CryptoService.EncryptAsync(plain))); saltBytes = CryptoService.ComputeSHA512Hash(saltBytes); var salt = ToHex(saltBytes); return(salt); }
public IActionResult Index(AuthenticationIdentity identity) { if (!ModelState.IsValid) { return(View("Authentication", identity)); } MvcIdentityModel computed = Identity.GetIdentityByEmail(identity.Email); if (computed == default(MvcIdentityModel)) { ModelState.AddModelError("General", "The entered email and/or password is incorrect!"); return(View("Authentication", identity)); } if (!computed.VerifyPassword(identity.Password)) { ModelState.AddModelError("General", "The entered email and/or password is incorrect!"); return(View("Authentication", identity)); } var sid = Request.Cookies.ContainsKey("SID") ? Guid.Parse(Request.Cookies["SID"]) : Guid.Empty; if (sid == Guid.Empty) { ModelState.AddModelError("General", "The session ID was lost between authentication steps!"); return(View("Authentication", identity)); } var session = SessionStore.GetSession(sid); var authRequest = session.GetAttribute <AuthRequestPayload>("AuthRequest"); var authResponse = new AuthResponsePayload() { Authenticated = true, RequestId = authRequest.RequestId, SessionId = session.Guid, SessionExpiry = session.ExpiryTime, Identity = computed.ToBaseModel() }; session["AuthPayload"] = authResponse; HttpHandler.Post(authRequest.ResponseUri, authResponse.Encode()).Wait(); return(Redirect(authRequest.RedirectUri.ToString())); }
private string SetRequestSession(IHttpRequest httpRequest) { string sessionId = null; if (httpRequest.Cookies.ContainsKey(SessionStore.SessionCookieKey)) { var cookie = httpRequest.Cookies.Get(SessionStore.SessionCookieKey); sessionId = cookie.Value; httpRequest.Session = SessionStore.GetSession(sessionId); } else { sessionId = Guid.NewGuid().ToString(); httpRequest.Session = SessionStore.GetSession(sessionId); } return(sessionId); }
public void SessionDisposalTest() { SessionStore.DisposeInterval = TimeSpan.FromSeconds(1); var session = SessionStore.CreateSession(TimeSpan.FromSeconds(3)); Assert.True(session.IsValid()); Thread.Sleep(TimeSpan.FromSeconds(1)); session = SessionStore.GetSession(session.Guid); Assert.NotNull(session); Assert.True(session.IsValid()); Thread.Sleep(TimeSpan.FromSeconds(3)); Assert.False(session.IsValid()); session = SessionStore.GetSession(session.Guid); Assert.Null(session); }
public IActionResult Index() { if (Request.Query.Count == 0) { return(Redirect("https://andreihava.net/")); } if (Request.Query.ContainsKey("Email")) { var email = Request.Query.ContainsKey("Email") ? Request.Query["Email"].ToString() : string.Empty; if (string.IsNullOrEmpty(email)) { return(BadRequest("Email parameter was defined but didn't have a value!")); } var newReg = Request.Query.ContainsKey("NewAccount") && bool.Parse(Request.Query["NewAccount"].ToString()); var pendingActivation = Request.Query.ContainsKey("PendingActivation") && bool.Parse(Request.Query["PendingActivation"].ToString()); if (string.IsNullOrEmpty(email)) { return(View("Authentication", new AuthenticationIdentity())); } var identity = new AuthenticationIdentity { Email = email, NewAccount = newReg, PendingActivation = pendingActivation }; return(View("Authentication", identity)); } if (Request.Query.ContainsKey("AuthToken")) { Session session; AuthRequestPayload authRequest; var authToken = Request.Query.ContainsKey("AuthToken") ? Request.Query["AuthToken"].ToString() : string.Empty; if (string.IsNullOrEmpty(authToken)) { return(BadRequest("AuthToken parameter was defined but didn't have a value!")); } authRequest = AuthRequestPayload.Decode(authToken); if (Request.Cookies.ContainsKey("SID")) { var sid = Guid.Parse(Request.Cookies["SID"]); session = SessionStore.GetSession(sid); if (session == null || !session.IsValid()) { session = SessionStore.CreateSession(TimeSpan.FromHours(12)); } else { var authResponse = session.GetAttribute <AuthResponsePayload>("AuthPayload"); authResponse.RequestId = authRequest.RequestId; HttpHandler.Post(authRequest.ResponseUri, authResponse.Encode()).Wait(); return(Redirect(authRequest.RedirectUri.ToString())); } } else { session = SessionStore.CreateSession(TimeSpan.FromHours(12)); } session["AuthRequest"] = authRequest; Response.Cookies.Append("SID", session.Guid.ToString(), new CookieOptions() { Domain = Request.Host.Host, HttpOnly = true, SameSite = SameSiteMode.Strict, Expires = DateTimeOffset.UtcNow.AddHours(12) }); Response.Cookies.Append("RID", authRequest.RequestId.ToString(), new CookieOptions() { Domain = Request.Host.Host, HttpOnly = true, SameSite = SameSiteMode.Strict }); return(View("Authentication", new AuthenticationIdentity())); } return(BadRequest()); }