static public Membership.UserAuthenticateResults Login(string Email, string Password, bool GenerateRememberMeCookie)
{
Int64 SupplierId;
Membership.UserAuthenticateResults results = Membership.AuthenticateSupplier(Email, Password, out SupplierId);
if (results != Membership.UserAuthenticateResults.Success)
{
return(results);
}
AppSupplierAuthToken token = AuthTokens.GenerateAuthTokenForAppSupplierId(SupplierId, GenerateRememberMeCookie ? AuthTokenTimeSpan : 0);
if (token == null)
{
return(Membership.UserAuthenticateResults.LoginError);
}
if (GenerateRememberMeCookie)
{
HttpCookie cookie = new HttpCookie(@"auth-token", TeaEncryptor.Encrypt(token.Secret.ToString(@"N") + @":" + token.Key, RememberMeCookieEncryptionKey));
cookie.Expires = token.Expiry;
HttpContext.Current.Response.Cookies.Add(cookie);
}
HttpContext.Current.Session[@"Authenticated"] = true;
HttpContext.Current.Session[@"AuthTokenId"] = token.AppSupplierAuthTokenId;
HttpContext.Current.Session[@"SupplierId"] = SupplierId;
AppSupplier supplier = AppSupplier.FetchByID(SupplierId);
HttpContext.Current.Session[@"IsProductSupplier"] = (supplier != null ? supplier.IsProduct : false);
//HttpContext.Current.Session[@"LangCode"] = dg.Sql.Query.New<AppSupplier>().Select(AppSupplier.Columns.LangCode).Where(AppSupplier.Columns.SupplierId, SupplierId).ExecuteScalar() as string;
return(results);
}
static public Membership.UserAuthenticateResults Login(string Email, string Password, bool GenerateRememberMeCookie)
{
Int64 UserId;
Membership.UserAuthenticateResults results = Membership.AuthenticateUser(Email, Password, out UserId);
if (results != Membership.UserAuthenticateResults.Success)
{
return(results);
}
UserAuthToken token = AuthTokens.GenerateAuthTokenForUserId(UserId, GenerateRememberMeCookie ? AuthTokenTimeSpan : 0);
if (token == null)
{
return(Membership.UserAuthenticateResults.LoginError);
}
if (GenerateRememberMeCookie)
{
HttpCookie cookie = new HttpCookie(@"auth-token", TeaEncryptor.Encrypt(token.Secret.ToString(@"N") + @":" + token.Key, RememberMeCookieEncryptionKey));
cookie.Expires = token.Expiry;
HttpContext.Current.Response.Cookies.Add(cookie);
}
HttpContext.Current.Session[@"Authenticated"] = true;
HttpContext.Current.Session[@"AuthTokenId"] = token.UserAuthTokenId;
HttpContext.Current.Session[@"UserId"] = UserId;
HttpContext.Current.Session[@"LangCode"] = dg.Sql.Query.New <UserProfile>().Select(UserProfile.Columns.DefaultLangCode).Where(UserProfile.Columns.UserId, UserId).ExecuteScalar() as string;
return(results);
}
public void RegisterDependencies(IServiceRegister serviceRegister)
{
if (serviceRegister is null)
{
throw new ArgumentNullException(nameof(serviceRegister));
}
serviceRegister.Register((IServiceProvider ServiceProvider) =>
{
CookieOptions option = new CookieOptions
{
Expires = DateTime.Now.AddDays(-10)
};
HttpContext context = ServiceProvider.GetService <HttpContext>();
ISession session = context.Session;
TeaEncryptor tea = new TeaEncryptor(session.Get(SecurityService.SECURITY_TOKEN_PASSWORD_NAME));
string fingerPrintJson = tea.Decrypt(context.Request.Cookies["X-Session"]);
SecurityToken securityToken = JsonConvert.DeserializeObject <SecurityToken>(fingerPrintJson);
context.Response.Cookies.Append("X-Session", "", option);
return(securityToken);
}, ServiceLifetime.Singleton);
}
public ActionResult Fingerprint([FromBody] string content)
{
TeaEncryptor tea = new TeaEncryptor(this.Session.Get(SecurityService.SECURITY_TOKEN_PASSWORD_NAME));
string json = tea.Decrypt(content);
SecurityToken token = JsonConvert.DeserializeObject <SecurityToken>(json);
this.Session.Set(SecurityService.SECURITY_TOKEN_NAME, token);
return(this.Content(""));
}
static public bool IsAuthenticated()
{
if (HttpContext.Current.Session[@"Authenticated"] != null && (bool)HttpContext.Current.Session[@"Authenticated"])
{
return(true);
}
else
{
HttpCookie cookie = HttpContext.Current.Request.Cookies[@"auth-token"];
if (cookie != null)
{
string[] auth = TeaEncryptor.Decrypt(cookie.Value, RememberMeCookieEncryptionKey).Split(':');
if (auth.Length == 2)
{
Int64 SupplierId;
Int64 AuthTokenId;
if (AuthTokens.ValidateAppSupplierAuthToken(auth[0], auth[1], false, out SupplierId, out AuthTokenId))//TODO
{
Membership.UserAuthenticateResults results = Membership.SupplierLoggedInAction(SupplierId);
if (results == Membership.UserAuthenticateResults.Success)
{
HttpContext.Current.Session[@"Authenticated"] = true;
HttpContext.Current.Session[@"AuthTokenId"] = AuthTokenId;
HttpContext.Current.Session[@"SupplierId"] = SupplierId;
AppSupplier supplier = AppSupplier.FetchByID(SupplierId);
HttpContext.Current.Session[@"IsProductSupplier"] = (supplier != null ? supplier.IsProduct : false);
//HttpContext.Current.Session[@"LangCode"] = dg.Sql.Query.New<AppSupplier>().Select(AppSupplier.Columns.LangCode).Where(AppSupplier.Columns.SupplierId, SupplierId).ExecuteScalar() as string;
return(true);
}
else
{
AppSupplierAuthToken.Delete(AuthTokenId);
HttpContext.Current.Response.Cookies.Set(new HttpCookie(@"auth-token", @""));
}
}
else
{
HttpContext.Current.Response.Cookies.Set(new HttpCookie(@"auth-token", @""));
}
}
}
}
return(false);
}
static public bool IsAuthenticated()
{
if (HttpContext.Current.Session[@"Authenticated"] != null && (bool)HttpContext.Current.Session[@"Authenticated"])
{
return(!(IsLockOrDelete()));
}
else
{
HttpCookie cookie = HttpContext.Current.Request.Cookies[@"auth-token"];
if (cookie != null)
{
string[] auth = TeaEncryptor.Decrypt(cookie.Value, RememberMeCookieEncryptionKey).Split(':');
if (auth.Length == 2)
{
Int64 UserId;
Int64 AuthTokenId;
if (AuthTokens.ValidateAuthToken(auth[0], auth[1], out UserId, out AuthTokenId))
{
Membership.UserAuthenticateResults results = Membership.UserLoggedInAction(UserId);
if (results == Membership.UserAuthenticateResults.Success)
{
HttpContext.Current.Session[@"Authenticated"] = true;
HttpContext.Current.Session[@"AuthTokenId"] = AuthTokenId;
HttpContext.Current.Session[@"UserId"] = UserId;
HttpContext.Current.Session[@"LangCode"] = dg.Sql.Query.New <UserProfile>().Select(UserProfile.Columns.DefaultLangCode).Where(UserProfile.Columns.UserId, UserId).ExecuteScalar() as string;
return(true);
}
else
{
UserAuthToken.Delete(AuthTokenId);
HttpContext.Current.Response.Cookies.Set(new HttpCookie(@"auth-token", @""));
}
}
else
{
HttpContext.Current.Response.Cookies.Set(new HttpCookie(@"auth-token", @""));
}
}
}
}
return(false);
}
