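        /// <summary>
        /// Parses the pipe-delimited userData string produced by <see cref="SetAuthenticationTicket"/>
        /// back into an <see cref="AuthenticationCookieData"/>.
        /// </summary>
        /// <param name="cookieData">Ticket userData in the form "IdentityID|Roles|FullName|Username|SessionID".</param>
        /// <returns>
        /// The parsed data, or null when the input is null, does not have exactly five fields, or the
        /// IdentityID / SessionID fields fail to parse.
        /// </returns>
        /// <remarks>
        /// The format has no escaping: a Roles, FullName or Username value that itself contains '|'
        /// changes the field count and makes this method return null (the caller then falls back to a
        /// fresh session ID). Only the first and last fields are validated; the middle three are taken
        /// verbatim. The string is expected to come from a FormsAuthentication ticket, which is
        /// encrypted/MAC'd, so it is server-issued rather than client-controlled.
        /// </remarks>
        private static AuthenticationCookieData ParseAuthenticationCookieData(string cookieData)
        {
            // Treat a missing userData the same as a malformed one instead of throwing on Split.
            if (cookieData == null)
            {
                return(null);
            }

            var userInformation = cookieData.Split('|');

            if (userInformation.Length != 5)
            {
                return(null);
            }

            int  identityID;
            Guid sessionID;

            if (!int.TryParse(userInformation[0], out identityID) || !Guid.TryParse(userInformation[4], out sessionID))
            {
                return(null);
            }

            var authenticationCookieData = new AuthenticationCookieData
            {
                IdentityID = identityID,
                Roles      = userInformation[1],
                FullName   = userInformation[2],
                Username   = userInformation[3],
                // Reuse the value TryParse already produced rather than parsing the field a second time.
                SessionID  = sessionID,
            };

            return(authenticationCookieData);
        }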
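        /// <summary>
        /// Serialises <paramref name="cookieData"/> into the userData of a FormsAuthentication ticket,
        /// encrypts the ticket and appends the forms-auth cookie to the current response.
        /// </summary>
        /// <param name="cookieData">Identity, roles, names and session ID to embed in the ticket.</param>
        /// <param name="sessionID">
        /// Not read by this method: the ticket carries <c>cookieData.SessionID</c>. Retained for
        /// existing callers, which pass the same value in both places.
        /// </param>
        private static void SetAuthenticationTicket(AuthenticationCookieData cookieData, Guid sessionID)
        {
            // Same pipe-delimited layout that ParseAuthenticationCookieData expects. There is no
            // escaping, so a Roles/FullName/Username value containing '|' will not round-trip
            // (the parser returns null for it).
            var userInformation = string.Format(
                "{0}|{1}|{2}|{3}|{4}",
                cookieData.IdentityID,
                cookieData.Roles,
                cookieData.FullName,
                cookieData.Username,
                cookieData.SessionID);

            // NOTE(review): the ticket is marked persistent and valid for ten years, so a stolen cookie
            // stays usable for a decade unless the server-side session recorded by the caller is checked
            // on every request — confirm that is the case, or shorten this. The userData itself cannot
            // be tampered with client-side because FormsAuthentication.Encrypt signs and encrypts it.
            var authTicket = new FormsAuthenticationTicket(
                version: 1,
                name: cookieData.Username,
                issueDate: DateTime.UtcNow,
                expiration: DateTime.UtcNow.AddYears(10),
                isPersistent: true,
                userData: userInformation);

            string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

            // Building the HttpCookie by hand bypasses FormsAuthentication.GetAuthCookie, which would
            // have set these flags for us: keep the ticket out of reach of script, and off plain HTTP
            // when forms auth is configured as SSL-only. No Expires is set on the cookie, so the
            // browser treats it as a session cookie even though the ticket is persistent; the
            // "remember me" behaviour is handled separately by the caller.
            var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
            {
                HttpOnly = true,
                Secure   = FormsAuthentication.RequireSSL,
            };

            HttpContext.Current.Response.Cookies.Add(authCookie);
        }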
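        /// <summary>
        /// Completes sign-in for a user whose credentials have already been verified by the caller:
        /// applies the client-user gating rules, records the active session and issues the
        /// forms-authentication ticket and "remember me" cookie.
        /// </summary>
        /// <param name="username">Name of the already-authenticated user to look up.</param>
        /// <param name="rememberMe">Whether to write the remember-me cookie (delegated to SetRememberMeCookie).</param>
        /// <param name="redirectOnceLoggedIn">Not read by this method; accepted for existing callers.</param>
        /// <param name="customerUserSecurityKey">Shared key taken from the request, compared against configuration for client users.</param>
        /// <returns>
        /// <c>InvalidUser</c> if no such user exists; <c>RedirectToCustomerUserLandingPage</c> or
        /// <c>RedirectToClientPortal</c> for client users that are gated away; <c>AccessDenied</c> if
        /// the user has no roles; otherwise <c>Success</c> after the ticket has been written.
        /// </returns>
        internal static eProcessUserOutcome ProcessAuthenticatedUser(string username, bool rememberMe, bool redirectOnceLoggedIn, string customerUserSecurityKey)
        {
            var context = HttpContext.Current;

            using (var uow = DIContainer.CreateUnitOfWork())
            {
                var repo = DIContainer.CreateRepository <IUserRepository>(uow);
                var user = repo.FindByName(username);

                if (user == null)
                {
                    return(eProcessUserOutcome.InvalidUser);
                }

                // If this is a client user and the querystring does not contain the security key (and this type of security has been turned on) redirect to the customer user landing page
                if (user.IsInRole(eUserRole.ClientUser))
                {
                    if (!string.IsNullOrWhiteSpace(Globals.Configuration.CustomerUserSecurityKey) && !string.IsNullOrWhiteSpace(Globals.Configuration.CustomeUserLandingPage))
                    {
                        // If no security key (or incorrect key) in query string redirect to customer user landing page.
                        // NOTE(review): this is an ordinal string compare of a shared secret that arrives on the
                        // query string (and so in URL logs); it is not constant-time. Treat the key as a
                        // routing hint rather than an authentication factor unless that is acceptable.
                        if (customerUserSecurityKey != Globals.Configuration.CustomerUserSecurityKey)
                        {
                            return(eProcessUserOutcome.RedirectToCustomerUserLandingPage);
                        }
                    }
                }

                // If the user is a client user redirect them to the new client portal, rather than logging them in
                if (!Properties.Settings.Default.UseOldClientPortal && user.IsInRole(eUserRole.ClientUser))
                {
                    return(eProcessUserOutcome.RedirectToClientPortal);
                }

                // A user must be a member of at least one role
                if (!user.UserRoles.Any())
                {
                    return(eProcessUserOutcome.AccessDenied);
                }

                // Determine if the user already has an active authentication ticket, for example if they logged in and then ended up here after being redirected to the change password page.
                var authTicket = GetCurrentAuthenticationTicket();

                var sessionID = Guid.NewGuid();

                if (authTicket != null)
                {
                    // Reuse the existing Session ID, but only when the existing ticket belongs to the
                    // user being signed in. Carrying a session ID over from a ticket for a different
                    // identity would let a previously planted cookie dictate the new session's ID;
                    // in that case a fresh ID is used instead.
                    var existingAuthenticationCookieData = ParseAuthenticationCookieData(authTicket.UserData);

                    if (existingAuthenticationCookieData != null && existingAuthenticationCookieData.IdentityID == user.IdentityID)
                    {
                        sessionID = existingAuthenticationCookieData.SessionID;
                    }
                }

                var authenticationCookieData = new AuthenticationCookieData
                {
                    IdentityID = user.IdentityID,
                    Roles      = user.RoleIDsCommaSeparated,
                    FullName   = user.FullName,
                    Username   = user.UserName,
                    SessionID  = sessionID,
                };

                // Persist the server-side session before the ticket that references it is issued.
                SetActiveSession(user, sessionID);
                uow.SaveChanges();

                SetRememberMeCookie(rememberMe, user.UserName);

                SetAuthenticationTicket(authenticationCookieData, sessionID);
            }

            return(eProcessUserOutcome.Success);
        }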