public async Task ResolveForAuthSessionIp(Guid authSessionIpId)
{
AuthSessionIp sessionIp = await _authDbContext.AuthSessionIps
.SingleAsync(s => s.Id == authSessionIpId);
GeoLocation.GeoLocation?result = await _geoLocationManager.TryResolveLocationAsync(sessionIp.IpAddress);
if (result != null)
{
sessionIp.City = result.City;
sessionIp.Country = result.CountryCode;
await _authDbContext.SaveChangesAsync();
}
}
public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
{
Guid userId = new Guid(_userManager.GetUserId(context.Principal));
Guid cookieId = _sessionManager.GetCurrentSessionId(context.Principal);
AuthSession session = await _sessionManager.GetActiveSessionById(userId, cookieId);
if (session == null)
{
context.RejectPrincipal();
}
else
{
if (context.HttpContext.Connection.RemoteIpAddress != null)
{
AuthSessionIp?authSessionIp = await _authDbContext.AuthSessionIps
.Where(s => s.AuthSession == session)
.Where(s => s.IpAddress == context.HttpContext.Connection.RemoteIpAddress)
.SingleOrDefaultAsync();
if (authSessionIp == null)
{
authSessionIp = new AuthSessionIp
{
AuthSession = session,
IpAddress = context.HttpContext.Connection.RemoteIpAddress
};
_authDbContext.AuthSessionIps.Add(authSessionIp);
await _authDbContext.SaveChangesAsync();
BackgroundJob.Enqueue <ISessionLocationResolver>(s => s.ResolveForAuthSessionIp(authSessionIp.Id));
}
}
_sessionManager.MarkSessionLastUsedNow(session);
}
}
public override async Task SigningIn(CookieSigningInContext context)
{
AppUser user = await _userManager.GetUserAsync(context.Principal);
StringValues userAgent;
context.HttpContext.Request.Headers.TryGetValue("User-Agent", out userAgent);
string?deviceId;
context.HttpContext.Request.Cookies.TryGetValue(DeviceCookieManager.DEVICE_COOKIE_STRING, out deviceId);
DeviceCookie deviceCookie;
if (deviceId == null)
{
deviceCookie = _deviceCookieManager.BuildNewDeviceCookie();
_authDbContext.Add(deviceCookie);
EncryptedDeviceCookie encryptedDeviceCookie = _deviceCookieManager.GetEncryptedDeviceCookie(deviceCookie);
context.Response.Cookies.Append(
DeviceCookieManager.DEVICE_COOKIE_STRING,
encryptedDeviceCookie.EncryptedValue,
new Microsoft.AspNetCore.Http.CookieOptions
{
IsEssential = true,
Expires = new DateTimeOffset(2038, 1, 1, 0, 0, 0, TimeSpan.FromHours(0)),
HttpOnly = true,
}
);
}
else
{
DeviceCookie?potentialDeviceCookie = await _deviceCookieManager.GetDeviceCookieAsync(
new EncryptedDeviceCookie(deviceId)
);
if (potentialDeviceCookie == null)
{
throw new Exception("User has an invalid device cookie: " + deviceId);
}
deviceCookie = potentialDeviceCookie;
}
AuthSession session = new AuthSession
{
CreationTime = SystemClock.Instance.GetCurrentInstant(),
User = user,
UserAgent = userAgent,
DeviceCookie = deviceCookie,
};
_authDbContext.AuthSessions.Add(session);
AuthSessionIp?authSessionIp = null;
if (context.HttpContext.Connection.RemoteIpAddress != null)
{
authSessionIp = new AuthSessionIp
{
AuthSession = session,
IpAddress = context.HttpContext.Connection.RemoteIpAddress,
};
_authDbContext.AuthSessionIps.Add(authSessionIp);
}
await _authDbContext.SaveChangesAsync();
BackgroundJob.Enqueue <ISessionDeviceInfoResolver>(s => s.ResolveForAuthSession(session.Id));
if (authSessionIp != null)
{
BackgroundJob.Enqueue <ISessionLocationResolver>(s => s.ResolveForAuthSessionIp(authSessionIp.Id));
}
ClaimsIdentity identity = (ClaimsIdentity)context.Principal.Identity;
identity.AddClaim(new Claim("cookie_identifier", session.Id.ToString()));
}
