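/// <summary>
/// Ends the current user's session: drops the user from the online-user set and from the
/// per-user granted-view-element cache, invalidates the forms-authentication ticket, clears
/// the membership cookies and raises <c>OnAfterUserSignOut</c>.
/// </summary>
/// <param name="userName">Name of the user signing out. When null or empty only the
/// ticket/cookie cleanup runs.</param>
public void SignOut(string userName)
{
    if (!string.IsNullOrEmpty(userName))
    {
        _userProService.RemoveOnlineUsers(userName);

        // The id comes from the user-id cookie, not from userName; 0 when the cookie is
        // absent, which simply means there is no cache entry to drop.
        // NOTE(review): if the cookie belongs to a different user than userName the wrong
        // cache entry is removed — confirm both always refer to the same session.
        int userId = CustomMembershipProvider.GetUserIdCookie() ?? 0;

        // TryRemove is a no-op for a missing key, so the previous TryGetValue/TryRemove
        // pair was a redundant double lookup.
        UserViewElement removedElement;
        _viewElementService.AppBase.ViewElementsGrantedToUser.TryRemove(userId, out removedElement);
    }

    // Delete the authentication ticket and sign out.
    FormsAuthentication.SignOut();

    // Clear the authentication and membership cookies.
    CustomMembershipProvider.ClearMembershipCookie(FormsAuthentication.FormsCookieName);
    CustomMembershipProvider.ClearMembershipCookie(CustomMembershipProvider.UserIdCookieName);
    CustomMembershipProvider.ClearMembershipCookie(CustomMembershipProvider.PassCodeCookieName);

    Core.Cmn.AppBase.OnAfterUserSignOut(EventArgs.Empty);
}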
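/// <summary>
/// Establishes a signed-in session for <paramref name="userProfile"/>: optionally issues the
/// forms-authentication cookie, registers the user as online, sets the company and company-chart
/// context, loads the user's granted view elements, writes the user-id and pass-code cookies and
/// raises <c>OnAfterUserLogin</c>.
/// </summary>
/// <param name="userProfile">The authenticated profile; must not be null.</param>
/// <param name="createPersistentCookie">Whether the forms ticket is marked persistent.</param>
/// <param name="withCookie">When false no forms-authentication cookie is written.</param>
/// <exception cref="ArgumentNullException"><paramref name="userProfile"/> is null.</exception>
public void SignIn(UserProfile userProfile, bool createPersistentCookie, bool withCookie)
{
    if (userProfile == null)
    {
        throw new ArgumentNullException("userProfile");
    }

    if (withCookie)
    {
        // NOTE(review): a timeout of int.MaxValue minutes means the ticket effectively never
        // expires; FormsAuthentication.Timeout would bound it to the configured value —
        // confirm the intended session policy before changing.
        FormsAuthenticationTicket authTicket =
            new FormsAuthenticationTicket(userProfile.UserName, createPersistentCookie, int.MaxValue);
        string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
        HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

        // Mirror what FormsAuthentication.SetAuthCookie does for the ticket cookie: keep it
        // out of reach of script and honour the configured requireSSL setting.
        authCookie.HttpOnly = true;
        authCookie.Secure = FormsAuthentication.RequireSSL;

        HttpContext.Current.Response.Cookies.Add(authCookie);
    }

    _userProService.AddOnlineUsers(userProfile);
    _companyService.SetCompany((int)userProfile.User.CompanyChartId);
    _viewElementRoleService.SetViewElementGrantedToUser(userProfile);
    _companyChartService.SetCompanyChartInfo(userProfile.UserName);

    CustomMembershipProvider.SetUserIdCookie(userProfile.Id.ToString());

    // Domain-controller users get the MD5 of their DC password, local users their stored
    // Password value. MD5 is disposable, so scope it.
    // NOTE(review): the pass-code cookie is derived directly from the credential; treat it
    // as a secret and consider a random per-session token instead.
    string passCode;
    if (userProfile.IsDCUser)
    {
        using (MD5 md5 = MD5.Create())
        {
            passCode = Security.GetMd5Hash(md5, userProfile.DCPassword);
        }
    }
    else
    {
        passCode = userProfile.Password;
    }
    CustomMembershipProvider.SetPassCodeCookie(userProfile.UserName, passCode);

    Core.Cmn.AppBase.OnAfterUserLogin(EventArgs.Empty);
}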
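/// <summary>
/// MVC authorization: builds the "area/controller/action[?query]" key for the current request,
/// lets URLs with anonymous access through, and otherwise requires a user-id cookie that maps
/// to an authenticated profile with role access to that URL. Any failed check signs the
/// current identity out.
/// </summary>
/// <param name="httpContext">The current request context.</param>
/// <returns>true when the request is authorized; otherwise false.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    string requestedUrl = BuildRequestedUrl(httpContext);

    var viewElementService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance<IViewElementService>();
    if (viewElementService.HasAnonymousAccess(requestedUrl))
    {
        return true;
    }

    var authentication = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance<IAuthentication>();
    int? userId = CustomMembershipProvider.GetUserIdCookie();
    if (userId == null)
    {
        authentication.SignOut(httpContext.User.Identity.Name);
        return false;
    }

    var userProfileService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance<IUserProfileService>();
    int id = userId.Value;
    UserProfile foundUserProfile = userProfileService.Filter(entity => entity.Id.Equals(id)).FirstOrDefault();

    // A stale or tampered user-id cookie yields no profile; treat that like a missing cookie
    // rather than dereferencing null further down.
    if (foundUserProfile == null || !CustomMembershipProvider.IsUserAuthenticate(foundUserProfile))
    {
        authentication.SignOut(httpContext.User.Identity.Name);
        return false;
    }

    // Re-establish the in-memory session when the user is not in the online set (e.g. after
    // an app restart). Compared case-insensitively on both sides; the old ToLower() on one
    // side only never matched mixed-case names and re-ran SignIn on every request.
    bool isOnline = userProfileService.AppBase.OnlineUsers.Any(
        u => string.Equals(u.UserName, foundUserProfile.UserName, StringComparison.OrdinalIgnoreCase));
    if (!isOnline)
    {
        authentication.SignIn(foundUserProfile, true, true);
    }

    return viewElementService.HasRoleAccess(foundUserProfile.Id, requestedUrl);
}

// Builds the authorization key for the request: "area/controller/action" (area omitted when
// the route carries none), followed by the raw query string when the request has one.
private static string BuildRequestedUrl(HttpContextBase httpContext)
{
    var routeData = httpContext.Request.RequestContext.RouteData;

    object area;
    bool hasArea = routeData.DataTokens.TryGetValue("area", out area);
    string controller = Convert.ToString(routeData.Values["controller"]);
    string action = Convert.ToString(routeData.Values["action"]);

    string requestedUrl = hasArea
        ? string.Format("{0}/{1}/{2}", area, controller, action)
        : string.Format("{0}/{1}", controller, action);

    if (httpContext.Request.QueryString.Count > 0)
    {
        // Take the query verbatim from RawUrl so the key matches what was actually requested;
        // guard the index because Substring(-1) would throw if RawUrl carried no '?'.
        string rawUrl = httpContext.Request.RawUrl;
        int queryStart = rawUrl.IndexOf('?');
        if (queryStart >= 0)
        {
            requestedUrl = requestedUrl + rawUrl.Substring(queryStart);
        }
    }

    return requestedUrl;
}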
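/// <summary>
/// Web API authorization: builds the "controller/action[?query]" key for the current request,
/// lets URLs with anonymous access through, and otherwise requires a user-id cookie for a
/// currently authenticated user with role access to that URL.
/// </summary>
/// <param name="actionContext">The action being invoked.</param>
/// <returns>true when the request is authorized; otherwise false.</returns>
/// <remarks>
/// NOTE(review): this member hides the base <c>IsAuthorized</c> with <c>new</c> instead of
/// overriding it, so the base attribute's pipeline may never call this implementation —
/// confirm against the base class and use <c>override</c> if that is the intent.
/// </remarks>
protected new virtual bool IsAuthorized(HttpActionContext actionContext)
{
    string controller = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;
    string action = actionContext.ActionDescriptor.ActionName;
    string requestedUrl = string.Format("{0}/{1}", controller, action);

    // RequestUri.Query is empty or starts with '?'; ParseQueryString accepts both forms.
    string query = actionContext.Request.RequestUri.Query;
    var queryString = new NameValueCollection(System.Web.HttpUtility.ParseQueryString(query));
    if (queryString.Count > 0)
    {
        var queryParams = MakeUrlParameters(queryString);
        requestedUrl = string.Format("{0}?{1}", requestedUrl, queryParams);
    }

    // Do not short-circuit before this point: an unconditional `return true` ahead of these
    // checks authorized every request regardless of the anonymous/role rules.
    var viewElementService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance<IViewElementService>();
    if (viewElementService.HasAnonymousAccess(requestedUrl))
    {
        return true;
    }

    int? userId = CustomMembershipProvider.GetUserIdCookie();
    if (userId.HasValue && CustomMembershipProvider.IsCurrentUserAuthenticate())
    {
        return viewElementService.HasRoleAccess(userId.Value, requestedUrl);
    }

    return false;
}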