Пример #1
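        /// <summary>
        /// Handles the login form POST: restores the view model from the form data,
        /// asks the server security manager to authorize the submitted credentials
        /// and, on success, redirects either to a site-local <c>returnUrl</c> or to
        /// <c>/index</c>.
        /// </summary>
        /// <returns>
        /// The login view with an error message when authorization fails; otherwise
        /// a redirect result.
        /// </returns>
        public override HttpHandlerResult Post()
        {
            var vm = new LoginVM(this);

            vm.Restore(Request.FormData());

            var user = new HttpUserCredentials {
                Username = vm.Username,
                Password = vm.Password,
            };

            var serverSecurity = (HttpSecurityManager)Context.SecurityMgr;

            if (!serverSecurity.Authorize(HttpContext.Response, user))
            {
                // One generic message for every failure, so the response does not
                // reveal whether the username or the password was wrong.
                vm.AuthMessage = "Invalid Credentials";
                vm.Build();

                // NOTE(review): vm still carries the submitted password at this point;
                // confirm Login.html does not echo it back into the form.
                return(Response.View("Login.html", vm));
            }

            var returnUrl = GetQuery("returnUrl");

            // returnUrl comes from the query string and is therefore caller-controlled.
            // Redirecting to it unchecked is an open redirect, so only a site-local
            // path is followed: it must start with a single '/' and must not continue
            // with '/' or '\', which browsers treat as the start of another host.
            var isLocalPath = !string.IsNullOrEmpty(returnUrl)
                && returnUrl[0] == '/'
                && (returnUrl.Length == 1 || (returnUrl[1] != '/' && returnUrl[1] != '\\'));

            if (isLocalPath)
            {
                return(Response.RedirectUrl(returnUrl));
            }

            // Missing or non-local returnUrl: fall back to the default landing page.
            return(Response.Redirect("/index"));
        }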
Пример #2
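        /// <summary>
        /// Decides whether an incoming request is authorized, first by its session
        /// cookie and then by an HTTP Basic <c>Authorization</c> header.
        /// </summary>
        /// <param name="request">The listener request whose cookie and headers are inspected.</param>
        /// <returns>
        /// <c>true</c> when the cookie token is found in <c>userTokens</c> or the Basic
        /// credentials are accepted by <c>Authorization.Authorize</c>; otherwise <c>false</c>.
        /// A malformed Basic header is treated as unauthorized rather than raising.
        /// </returns>
        public bool Authorize(HttpListenerRequest request)
        {
            // 1. Session cookie: a known token restarts that user context.
            var token = request.Cookies[CookieName]?.Value;

            if (!string.IsNullOrEmpty(token) && userTokens.TryGet(token, out var userContext))
            {
                userContext.Restart();
                return(true);
            }

            // 2. Authorization header: only the Basic scheme is handled here.
            var authHeader = request.Headers.Get("Authorization");

            if (authHeader == null || !authHeader.StartsWith("Basic ", StringComparison.OrdinalIgnoreCase))
            {
                return(false);
            }

            // The header value is client-supplied. Convert.FromBase64String throws
            // FormatException on invalid base64, which would otherwise surface as an
            // unhandled error for a request that should simply be rejected.
            string authKey;
            try
            {
                var encodedAuth = authHeader.Substring(6).Trim();
                var authBytes   = Convert.FromBase64String(encodedAuth);
                authKey         = Encoding.UTF8.GetString(authBytes);
            }
            catch (FormatException)
            {
                return(false);
            }

            // "user:password" - split on the first ':' so the password may contain colons.
            var i = authKey.IndexOf(':');
            if (i < 0)
            {
                return(false);
            }

            var userCreds = new HttpUserCredentials {
                Username = authKey.Substring(0, i),
                Password = authKey.Substring(i + 1),
            };

            // NOTE(review): Basic credentials are only base64-encoded and are verified
            // on every request that lacks a valid cookie; confirm the listener is
            // TLS-only and that failed attempts are rate-limited or logged elsewhere.
            userContext = Authorization.Authorize(userCreds);

            if (userContext == null)
            {
                return(false);
            }

            userContext.Restart();
            return(true);
        }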
Пример #3
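        /// <summary>
        /// Verifies the supplied credentials and, when they are accepted, registers
        /// the resulting user context in <c>userTokens</c> and issues the session
        /// cookie on the response.
        /// </summary>
        /// <param name="response">Response that receives the session cookie.</param>
        /// <param name="user">Credentials to verify through <c>Authorization.Authorize</c>.</param>
        /// <returns><c>true</c> when the credentials were accepted and a cookie was set; otherwise <c>false</c>.</returns>
        public bool Authorize(HttpListenerResponse response, HttpUserCredentials user)
        {
            var session = Authorization.Authorize(user);

            if (session == null)
            {
                return(false);
            }

            session.Lifespan = TimeSpan.FromMinutes(60);
            session.Restart();

            userTokens.Add(session);

            // NOTE(review): the cookie value is the bearer token for this session;
            // confirm SessionId is freshly generated per login from a cryptographic RNG.
            var cookie = new Cookie(CookieName, session.SessionId)
            {
                // The cookie outlives the 60-minute Lifespan set above, so the
                // server-side token store has to be what actually ends a session.
                // NOTE(review): confirm userTokens evicts entries past their Lifespan.
                Expires = DateTime.Now.AddYears(1),

                // Keep the session token out of reach of page scripts.
                // NOTE(review): confirm the listener really writes this attribute into
                // Set-Cookie, and set Secure as well once the site is served only over TLS.
                HttpOnly = true,
            };

            response.SetCookie(cookie);

            return(true);
        }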
Пример #4
        /// <summary>
        /// Placeholder for credential verification: reports success for every call
        /// without reading <paramref name="response"/> or <paramref name="user"/>.
        /// </summary>
        /// <param name="response">Currently unused.</param>
        /// <param name="user">Currently unused.</param>
        /// <returns>Always <c>true</c>.</returns>
        // TODO: Verify new credentials
        // NOTE(review): this stub fails open. Until the verification is written, a
        // true result here says nothing about the credentials; callers should not
        // rely on it as an access decision.
        public bool Authenticate(HttpListenerResponse response, HttpUserCredentials user) => true;