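        /// <summary>
        /// Signs a user out: drops the server-side online/granted-view-element state for that user
        /// and clears the forms-authentication, user-id and pass-code cookies.
        /// </summary>
        /// <param name="userName">Name of the user being signed out. When null or empty only the
        /// forms ticket and cookies are cleared; no server-side state is touched.</param>
        public void SignOut(string userName)
        {
            if (!string.IsNullOrEmpty(userName))
            {
                _userProService.RemoveOnlineUsers(userName);

                // The granted-elements cache is keyed by the user-id cookie, not by userName.
                // NOTE(review): when the cookie is absent this falls back to key 0 — confirm 0 is never a real user id.
                var userId = CustomMembershipProvider.GetUserIdCookie() ?? 0;

                // A single TryRemove replaces the former TryGetValue + TryRemove pair: with
                // ConcurrentDictionary semantics it is a no-op for an absent key, and it closes
                // the check-then-act window between the two calls.
                UserViewElement removedElement;
                _viewElementService.AppBase.ViewElementsGrantedToUser.TryRemove(userId, out removedElement);
            }

            // Delete the authentication ticket and sign out.
            FormsAuthentication.SignOut();

            // Clear the forms cookie and the two custom cookies set by SignIn.
            CustomMembershipProvider.ClearMembershipCookie(FormsAuthentication.FormsCookieName);
            CustomMembershipProvider.ClearMembershipCookie(CustomMembershipProvider.UserIdCookieName);
            CustomMembershipProvider.ClearMembershipCookie(CustomMembershipProvider.PassCodeCookieName);

            Core.Cmn.AppBase.OnAfterUserSignOut(EventArgs.Empty);
        }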
        //public void SignIn(string userName, bool createPersistentCookie, bool withCookie)
        //{
        //    if (withCookie)
        //        FormsAuthentication.SetAuthCookie(userName, createPersistentCookie);

        //    _userProService.AddOnlineUsers(userName);

        //    var foundUser = _userProService.Filter(a => a.UserName.ToLower() == userName.ToLower()).SingleOrDefault();
        //    _userProService.AppBase.UserId = foundUser.Id;
        //    _companyService.SetCompany((int)foundUser.User.CompanyChartId);
        //}


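        /// <summary>
        /// Signs <paramref name="userProfile"/> in: optionally issues the forms-authentication cookie,
        /// registers the user as online, sets the company / company-chart context and the granted
        /// view elements, and writes the user-id and pass-code cookies.
        /// </summary>
        /// <param name="userProfile">The authenticated profile. Must not be null.</param>
        /// <param name="createPersistentCookie">Marks the forms ticket as persistent (survives the browser session).</param>
        /// <param name="withCookie">When false no forms-authentication cookie is written; only the
        /// server-side state and the custom cookies are set.</param>
        /// <exception cref="ArgumentNullException"><paramref name="userProfile"/> is null.</exception>
        public void SignIn(UserProfile userProfile, bool createPersistentCookie, bool withCookie)
        {
            if (userProfile == null)
            {
                throw new ArgumentNullException("userProfile");
            }

            if (withCookie)
            {
                // NOTE(review): a timeout of int.MaxValue minutes makes the ticket effectively
                // non-expiring; FormsAuthentication.Timeout (web.config) would bound the session lifetime.
                FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(userProfile.UserName, createPersistentCookie, int.MaxValue);

                string     encryptedTicket = FormsAuthentication.Encrypt(authTicket);
                HttpCookie authCookie      = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);

                // Mirror what FormsAuthentication.SetAuthCookie does for the cookie it creates:
                // keep the ticket out of reach of script and honour the requireSSL setting.
                authCookie.HttpOnly = true;
                authCookie.Secure   = FormsAuthentication.RequireSSL;

                HttpContext.Current.Response.Cookies.Add(authCookie);
            }

            _userProService.AddOnlineUsers(userProfile);
            _companyService.SetCompany((int)userProfile.User.CompanyChartId);

            _viewElementRoleService.SetViewElementGrantedToUser(userProfile);
            _companyChartService.SetCompanyChartInfo(userProfile.UserName);

            CustomMembershipProvider.SetUserIdCookie(userProfile.Id.ToString());

            // NOTE(review): the pass-code cookie is derived from the stored credential (an MD5 of
            // DCPassword for DC users, the stored Password value otherwise). MD5 is not a suitable
            // credential hash and the cookie carries a password-equivalent; an opaque server-side
            // session token would avoid both issues.
            string passCode;
            if (userProfile.IsDCUser)
            {
                // MD5 is IDisposable; the instance was previously never disposed.
                using (MD5 md5 = MD5.Create())
                {
                    passCode = Security.GetMd5Hash(md5, userProfile.DCPassword);
                }
            }
            else
            {
                passCode = userProfile.Password;
            }
            CustomMembershipProvider.SetPassCodeCookie(userProfile.UserName, passCode);

            Core.Cmn.AppBase.OnAfterUserLogin(EventArgs.Empty);
        }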
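        /// <summary>
        /// Decides whether the current MVC request is authorized: anonymous route keys pass; otherwise
        /// the user-id cookie must resolve to an authenticated profile whose roles grant the requested
        /// key. Every failure path signs the current identity out before denying.
        /// </summary>
        /// <param name="httpContext">The request context.</param>
        /// <returns>true when the request may proceed; false to trigger the unauthorized handling.</returns>
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            var viewElementService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance <IViewElementService>();
            var authentication     = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance <IAuthentication>();

            var requestedUrl = BuildRequestedUrlKey(httpContext);

            if (viewElementService.HasAnonymousAccess(requestedUrl))
            {
                return true;
            }

            int? userId = CustomMembershipProvider.GetUserIdCookie();
            if (userId == null)
            {
                authentication.SignOut(httpContext.User.Identity.Name);
                return false;
            }

            var userProfileService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance <IUserProfileService>();

            UserProfile foundUserProfile = userProfileService.Filter(entity => entity.Id.Equals(userId.Value)).FirstOrDefault();

            // A user-id cookie that no longer matches a profile is treated exactly like a missing one
            // (previously foundUserProfile was dereferenced without a null check).
            if (foundUserProfile == null || !CustomMembershipProvider.IsUserAuthenticate(foundUserProfile))
            {
                authentication.SignOut(httpContext.User.Identity.Name);
                return false;
            }

            // Re-establish the server-side session when the user is missing from the online list.
            // The comparison previously lower-cased only one side; compare case-insensitively on both.
            bool isOnline = userProfileService.AppBase.OnlineUsers.Any(
                u => string.Equals(u.UserName, foundUserProfile.UserName, StringComparison.OrdinalIgnoreCase));
            if (!isOnline)
            {
                authentication.SignIn(foundUserProfile, true, true);
            }

            return viewElementService.HasRoleAccess(foundUserProfile.Id, requestedUrl);
        }

        /// <summary>
        /// Builds the "area/controller/action" (or "controller/action") key, with the raw query
        /// string appended when present, that the view-element service uses for access lookups.
        /// </summary>
        /// <param name="httpContext">The request context whose route data and raw URL are read.</param>
        /// <returns>The access-lookup key for the current request.</returns>
        private static string BuildRequestedUrlKey(HttpContextBase httpContext)
        {
            var routeData = httpContext.Request.RequestContext.RouteData;

            object area;
            bool   hasArea = routeData.DataTokens.TryGetValue("area", out area);

            var controller = routeData.Values["controller"].ToString();
            var action     = routeData.Values["action"].ToString();

            var requestedUrl = hasArea ? string.Format("{0}/{1}/{2}", area, controller, action) : string.Format("{0}/{1}", controller, action);

            if (httpContext.Request.QueryString.Count > 0)
            {
                var rawUrl     = httpContext.Request.RawUrl;
                int queryStart = rawUrl.IndexOf('?');

                // Guard against a RawUrl without '?' while QueryString is non-empty; Substring(-1) would throw.
                if (queryStart >= 0)
                {
                    requestedUrl = string.Format("{0}{1}", requestedUrl, rawUrl.Substring(queryStart));
                }
            }

            return requestedUrl;
        }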
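        /// <summary>
        /// Web API counterpart of the MVC authorization check: anonymous "controller/action[?query]"
        /// keys pass; otherwise the user-id cookie must belong to a user that
        /// <see cref="CustomMembershipProvider.IsCurrentUserAuthenticate"/> accepts and whose roles grant the key.
        /// </summary>
        /// <param name="actionContext">The action being invoked.</param>
        /// <returns>true when the request may proceed; false otherwise.</returns>
        /// <remarks>
        /// The previous body began with an unconditional <c>return true;</c>, which made every check
        /// below it unreachable and authorized all requests; that short-circuit is removed here.
        /// NOTE(review): the method is declared <c>new virtual</c> rather than <c>override</c>. If the
        /// base class is <c>System.Web.Http.AuthorizeAttribute</c>, its pipeline invokes the base
        /// <c>IsAuthorized</c>, not this one — confirm that the hiding is intentional.
        /// </remarks>
        protected new virtual bool IsAuthorized(HttpActionContext actionContext)
        {
            string controller  = actionContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            string action      = actionContext.ActionDescriptor.ActionName;
            string query       = actionContext.Request.RequestUri.Query;
            var    queryString = new NameValueCollection(System.Web.HttpUtility.ParseQueryString(query));

            var viewElementService = ServiceBase.DependencyInjectionFactory.CreateInjectionInstance <IViewElementService>();

            var requestedUrl = string.Format("{0}/{1}", controller, action);

            if (queryString.Count > 0)
            {
                // Query parameters form part of the access key, in the canonical form MakeUrlParameters produces.
                var queryParams = MakeUrlParameters(queryString);
                requestedUrl = string.Format("{0}?{1}", requestedUrl, queryParams);
            }

            if (viewElementService.HasAnonymousAccess(requestedUrl))
            {
                return true;
            }

            // Both a user-id cookie and a passing IsCurrentUserAuthenticate check (presumably the
            // pass-code cookie validation) are required before role access is consulted.
            var userId = CustomMembershipProvider.GetUserIdCookie();
            if (userId.HasValue && CustomMembershipProvider.IsCurrentUserAuthenticate())
            {
                return viewElementService.HasRoleAccess(userId.Value, requestedUrl);
            }

            return false;
        }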