Exemplo n.º 1
        /// <summary>
        /// Creates and persists a new session for the customer whose username equals <paramref name="owner"/>.
        /// </summary>
        /// <remarks>
        /// No password or other credential is checked in this method: the customer is looked up by
        /// username alone. Callers must therefore have already established that the request is
        /// entitled to act as <paramref name="owner"/>.
        /// </remarks>
        /// <param name="owner">Username of the customer the session is created for.</param>
        /// <returns>The stored session, or null when no customer has that username.</returns>
        /// <exception cref="ApplicationException">
        /// The customer's email address is not confirmed, or the account is suspended.
        /// </exception>
        public CustomerSession CreateSwitchboardSession(string owner)
        {
            Customer account = m_customerPersistor.Get(c => c.CustomerUsername == owner);

            if (account == null)
            {
                // NOTE(review): owner is written to the log unescaped; if it can carry
                // caller-supplied text, strip line breaks before logging.
                logger.Debug("CreateSwitchboardSession failed for " + owner + ".");
                return null;
            }

            // Account state is checked before any session is issued.
            if (!account.EmailAddressConfirmed)
            {
                throw new ApplicationException("Your email address has not yet been confirmed.");
            }

            if (account.Suspended)
            {
                throw new ApplicationException("Your account is suspended.");
            }

            logger.Debug("CreateSwitchboardSession successful for " + owner + ".");

            // NOTE(review): the session ID acts as a bearer token, so its unpredictability
            // depends on Crypto.GetRandomByteString using a cryptographic RNG - confirm.
            string newSessionId = Crypto.GetRandomByteString(SESSION_ID_STRING_LENGTH / 2);

            // The last constructor argument is null here; no client address is recorded for this session.
            CustomerSession created = new CustomerSession(Guid.NewGuid(), newSessionId, account.CustomerUsername, null);
            m_customerSessionPersistor.Add(created);
            return created;
        }
Exemplo n.º 2
        /// <summary>
        /// Validates a session ID and returns the matching session while it is still within its time limits.
        /// </summary>
        /// <remarks>
        /// Only sessions not already flagged as expired are considered. A session older than its own
        /// TimeLimitMinutes, or older than CustomerSession.MAX_SESSION_LIFETIME_MINUTES, is flagged as
        /// expired, saved, and rejected.
        /// </remarks>
        /// <param name="sessionId">Session ID presented by the client.</param>
        /// <returns>The live session, or null when the ID is unknown, already expired, or has just timed out.</returns>
        public CustomerSession Authenticate(string sessionId)
        {
            try
            {
                CustomerSession session = m_customerSessionPersistor.Get(s => s.SessionID == sessionId && !s.Expired);

                if (session == null)
                {
                    // NOTE(review): the presented token is logged verbatim. It is client-supplied,
                    // so consider stripping line breaks and logging only a truncated form so that
                    // tokens and forged log lines do not end up in the log.
                    logger.Warn("Authentication token invalid for " + sessionId + ".");
                    return null;
                }

                // The (int) cast drops fractional minutes, so the age is rounded down.
                int ageMinutes = (int)DateTimeOffset.UtcNow.Subtract(session.Inserted).TotalMinutes;
                bool timedOut = ageMinutes > session.TimeLimitMinutes || ageMinutes > CustomerSession.MAX_SESSION_LIFETIME_MINUTES;

                if (!timedOut)
                {
                    return session;
                }

                // Persist the expiry so the lookup above stops returning this session.
                session.Expired = true;
                m_customerSessionPersistor.Update(session);
                return null;
            }
            catch (Exception ex)
            {
                logger.Error("Exception Authenticate CustomerSessionManager. " + ex.Message);
                throw;
            }
        }
Exemplo n.º 3
        /// <summary>
        /// Checks a username and password and, on success, creates and persists a new session.
        /// </summary>
        /// <remarks>
        /// The email-confirmation and suspension checks run only after the password has matched, so
        /// their error messages are not shown to a caller who does not know the password.
        /// No failed-attempt counting or lockout is visible in this method; presumably that is
        /// handled elsewhere - confirm.
        /// </remarks>
        /// <param name="username">Username supplied by the client.</param>
        /// <param name="password">Plain-text password supplied by the client.</param>
        /// <param name="ipAddress">Client address stored with the new session.</param>
        /// <returns>The new session, or null when a credential is blank or the credentials do not match.</returns>
        /// <exception cref="ApplicationException">
        /// The password matched but the email address is not confirmed or the account is suspended.
        /// </exception>
        public CustomerSession Authenticate(string username, string password, string ipAddress)
        {
            try
            {
                if (username.IsNullOrBlank() || password.IsNullOrBlank())
                {
                    logger.Debug("Login failed, either username or password was not specified.");
                    return null;
                }

                // NOTE(review): username and ipAddress are client-influenced and are logged
                // unescaped here and below; strip line breaks if the log is parsed line by line.
                logger.Debug("CustomerSessionManager authenticate requested for username " + username + " from " + ipAddress + ".");

                // The password is compared in code, not in the query, because databases differ in string case matching.
                Customer account = m_customerPersistor.Get(c => c.CustomerUsername == username);

                // NOTE(review): the hash is computed only when the username exists, and == is not a
                // fixed-time comparison. Both can make response time depend on the input; consider
                // hashing against a dummy salt for unknown users and a fixed-time compare.
                bool credentialsMatch = account != null && PasswordHash.Hash(password, account.Salt) == account.CustomerPassword;

                if (!credentialsMatch)
                {
                    // The same result is returned for an unknown user and a wrong password.
                    logger.Debug("Login failed for " + username + ".");
                    return null;
                }

                if (!account.EmailAddressConfirmed)
                {
                    throw new ApplicationException("Your email address has not yet been confirmed.");
                }

                if (account.Suspended)
                {
                    throw new ApplicationException("Your account is suspended.");
                }

                logger.Debug("Login successful for " + username + ".");

                // NOTE(review): the session ID acts as a bearer token, so its unpredictability
                // depends on Crypto.GetRandomByteString using a cryptographic RNG - confirm.
                string newSessionId = Crypto.GetRandomByteString(SESSION_ID_STRING_LENGTH / 2);
                CustomerSession created = new CustomerSession(Guid.NewGuid(), newSessionId, account.CustomerUsername, ipAddress);
                m_customerSessionPersistor.Add(created);
                return created;
            }
            catch (Exception ex)
            {
                logger.Error("Exception Authenticate CustomerSessionManager. " + ex.Message);
                throw;
            }
        }
Exemplo n.º 4
 /// <summary>
 /// Flags the session with the given ID as expired and saves the change.
 /// </summary>
 /// <remarks>
 /// An unknown session ID is ignored silently. The lookup is by session ID only; whether the
 /// caller owns that session is not checked in this method.
 /// </remarks>
 /// <param name="sessionId">ID of the session to expire.</param>
 public void ExpireToken(string sessionId)
 {
     try
     {
         CustomerSession session = m_customerSessionPersistor.Get(s => s.SessionID == sessionId);
         if (session == null)
         {
             // Nothing to expire.
             return;
         }

         session.Expired = true;
         m_customerSessionPersistor.Update(session);
     }
     catch (Exception ex)
     {
         logger.Error("Exception ExpireToken CustomerSessionManager. " + ex.Message);
         throw;
     }
 }
Exemplo n.º 5
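        /// <summary>
        /// Raises a session's time limit by <paramref name="minutes"/>, capped at
        /// CustomerSession.MAX_SESSION_LIFETIME_MINUTES, and saves the change.
        /// </summary>
        /// <remarks>
        /// The lookup does not filter on the Expired flag, and this method does not clear that flag.
        /// </remarks>
        /// <param name="sessionId">ID of the session to extend.</param>
        /// <param name="minutes">Number of minutes to add to the current limit.</param>
        /// <exception cref="ApplicationException">
        /// The session does not exist, or its limit is already at or above the maximum.
        /// </exception>
        public void ExtendSession(string sessionId, int minutes)
        {
            try
            {
                CustomerSession session = m_customerSessionPersistor.Get(s => s.SessionID == sessionId);

                if (session == null)
                {
                    throw new ApplicationException("The session ID that was requested to extend does not exist.");
                }

                if (session.TimeLimitMinutes >= CustomerSession.MAX_SESSION_LIFETIME_MINUTES)
                {
                    throw new ApplicationException("The session lifetime cannot be extended beyind " + CustomerSession.MAX_SESSION_LIFETIME_MINUTES + " minutes.");
                }

                // Compare against the remaining headroom instead of computing
                // TimeLimitMinutes + minutes. With integer arithmetic that sum can wrap to a
                // negative value for a very large request, which would skip the cap and store
                // a wrapped limit. The headroom is positive here because of the check above.
                var headroom = CustomerSession.MAX_SESSION_LIFETIME_MINUTES - session.TimeLimitMinutes;

                if (minutes > headroom)
                {
                    session.TimeLimitMinutes = CustomerSession.MAX_SESSION_LIFETIME_MINUTES;
                }
                else
                {
                    // NOTE(review): a negative value still shortens the limit, as it always has;
                    // confirm whether callers rely on that or whether it should be rejected.
                    session.TimeLimitMinutes += minutes;
                }

                m_customerSessionPersistor.Update(session);
            }
            catch (Exception ex)
            {
                logger.Error("Exception ExtendSession. " + ex.Message);
                throw;
            }
        }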
        /// <summary>
        /// Creates and persists a new session for the customer whose username equals <paramref name="owner"/>.
        /// </summary>
        /// <remarks>
        /// No password or other credential is checked in this method: the customer is looked up by
        /// username alone. Callers must therefore have already established that the request is
        /// entitled to act as <paramref name="owner"/>.
        /// </remarks>
        /// <param name="owner">Username of the customer the session is created for.</param>
        /// <returns>The stored session, or null when no customer has that username.</returns>
        /// <exception cref="ApplicationException">
        /// The customer's email address is not confirmed, or the account is suspended.
        /// </exception>
        public CustomerSession CreateSwitchboardSession(string owner)
        {
            Customer account = m_customerPersistor.Get(c => c.CustomerUsername == owner);

            if (account == null)
            {
                // NOTE(review): owner is written to the log unescaped; if it can carry
                // caller-supplied text, strip line breaks before logging.
                logger.Debug("CreateSwitchboardSession failed for " + owner + ".");
                return null;
            }

            // Account state is checked before any session is issued.
            if (!account.EmailAddressConfirmed)
            {
                throw new ApplicationException("Your email address has not yet been confirmed.");
            }

            if (account.Suspended)
            {
                throw new ApplicationException("Your account is suspended.");
            }

            logger.Debug("CreateSwitchboardSession successful for " + owner + ".");

            // NOTE(review): the session ID acts as a bearer token, so its unpredictability
            // depends on Crypto.GetRandomByteString using a cryptographic RNG - confirm.
            string newSessionId = Crypto.GetRandomByteString(SESSION_ID_STRING_LENGTH / 2);

            // The last constructor argument is null here; no client address is recorded for this session.
            CustomerSession created = new CustomerSession(Guid.NewGuid(), newSessionId, account.CustomerUsername, null);
            m_customerSessionPersistor.Add(created);
            return created;
        }
        /// <summary>
        /// Checks a username and password and, on success, creates and persists a new session.
        /// </summary>
        /// <remarks>
        /// The email-confirmation and suspension checks run only after the password has matched, so
        /// their error messages are not shown to a caller who does not know the password.
        /// No failed-attempt counting or lockout is visible in this method; presumably that is
        /// handled elsewhere - confirm.
        /// </remarks>
        /// <param name="username">Username supplied by the client.</param>
        /// <param name="password">Plain-text password supplied by the client.</param>
        /// <param name="ipAddress">Client address stored with the new session.</param>
        /// <returns>The new session, or null when a credential is blank or the credentials do not match.</returns>
        /// <exception cref="ApplicationException">
        /// The password matched but the email address is not confirmed or the account is suspended.
        /// </exception>
        public CustomerSession Authenticate(string username, string password, string ipAddress)
        {
            try
            {
                if (username.IsNullOrBlank() || password.IsNullOrBlank())
                {
                    logger.Debug("Login failed, either username or password was not specified.");
                    return null;
                }

                // NOTE(review): username and ipAddress are client-influenced and are logged
                // unescaped here and below; strip line breaks if the log is parsed line by line.
                logger.Debug("CustomerSessionManager authenticate requested for username " + username + " from " + ipAddress + ".");

                // The password is compared in code, not in the query, because databases differ in string case matching.
                Customer account = m_customerPersistor.Get(c => c.CustomerUsername == username);

                // NOTE(review): the hash is computed only when the username exists, and == is not a
                // fixed-time comparison. Both can make response time depend on the input; consider
                // hashing against a dummy salt for unknown users and a fixed-time compare.
                bool credentialsMatch = account != null && PasswordHash.Hash(password, account.Salt) == account.CustomerPassword;

                if (!credentialsMatch)
                {
                    // The same result is returned for an unknown user and a wrong password.
                    logger.Debug("Login failed for " + username + ".");
                    return null;
                }

                if (!account.EmailAddressConfirmed)
                {
                    throw new ApplicationException("Your email address has not yet been confirmed.");
                }

                if (account.Suspended)
                {
                    throw new ApplicationException("Your account is suspended.");
                }

                logger.Debug("Login successful for " + username + ".");

                // NOTE(review): the session ID acts as a bearer token, so its unpredictability
                // depends on Crypto.GetRandomByteString using a cryptographic RNG - confirm.
                string newSessionId = Crypto.GetRandomByteString(SESSION_ID_STRING_LENGTH / 2);
                CustomerSession created = new CustomerSession(Guid.NewGuid(), newSessionId, account.CustomerUsername, ipAddress);
                m_customerSessionPersistor.Add(created);
                return created;
            }
            catch (Exception ex)
            {
                logger.Error("Exception Authenticate CustomerSessionManager. " + ex.Message);
                throw;
            }
        }