Пример #1
0
        public void OnResourceExecuting(ResourceExecutingContext context)
        {
            var tenant   = CoreContext.TenantManager.GetCurrentTenant(context.HttpContext);
            var settings = IPRestrictionsSettings.LoadForTenant(tenant.TenantId);

            if (settings.Enable && SecurityContext.IsAuthenticated && !IPSecurity.IPSecurity.Verify(context.HttpContext, tenant))
            {
                context.Result = new StatusCodeResult((int)HttpStatusCode.Forbidden);
                log.WarnFormat("IPSecurity: Tenant {0}, user {1}", tenant.TenantId, SecurityContext.CurrentAccount.ID);
                return;
            }
        }
Пример #2
0
        private void BlockIPSecurityPortal(Tenant tenant)
        {
            if (tenant == null)
            {
                return;
            }

            var settings = IPRestrictionsSettings.LoadForTenant(tenant.TenantId);

            if (settings.Enable && SecurityContext.IsAuthenticated && !IPSecurity.IPSecurity.Verify(tenant))
            {
                Auth.ProcessLogout();

                ResponseRedirect("~/Auth.aspx?error=ipsecurity", HttpStatusCode.Forbidden);
            }
        }