/// <summary>
/// Initiates a new session for this user, updating the <see cref="Sessions"/> collection and returning
/// the new session.
/// </summary>
/// <param name="application"></param>
/// <param name="hostName"></param>
/// <param name="password"></param>
/// <param name="timeout"></param>
/// <returns></returns>
public virtual UserSession InitiateSession(string application, string hostName, string password, TimeSpan timeout)
{
Platform.CheckForEmptyString(application, "application");
Platform.CheckForEmptyString(hostName, "hostName");
Platform.CheckForNullReference(password, "password");
Platform.CheckPositive(timeout.TotalMilliseconds, "timeout");
DateTime startTime = Platform.Time;
// check account is active and password correct
if (!IsActive(startTime) || !_password.Verify(password))
{
// account not active, or invalid password
// the error message is deliberately vague
throw new UserAccessDeniedException();
}
// check if password expired
if (_password.IsExpired(startTime))
throw new PasswordExpiredException();
// create new session
UserSession session = new UserSession(
this,
hostName,
application,
Guid.NewGuid().ToString("N"),
startTime,
startTime + timeout);
_sessions.Add(session);
// update last login time
_lastLoginTime = startTime;
return session;
}
private UserSession CreateSession(string host, string application, DateTime startTime, TimeSpan timeout, bool impersonated)
{
// create new session
var session = new UserSession(
this,
host,
application,
Guid.NewGuid().ToString("N"),
startTime,
startTime + timeout,
impersonated);
_sessions.Add(session);
return session;
}
