Пример #1
 /// <summary>
 /// Creates the exception thrown when a session is denied an operation, copying the
 /// session's identifiers and request target onto the exception's properties.
 /// </summary>
 /// <param name="sess">
 /// Session the denied request belongs to. <c>UserID.Value</c> and <c>SessionID.Value</c>
 /// are read without a check, so a session lacking either one makes the constructor throw.
 /// </param>
 /// <param name="roles">Role names copied into <c>Roles</c> as an array.</param>
 /// <remarks>
 /// The base message is a fixed string and carries no user, session or role details.
 /// NOTE(review): the properties do carry the user id, session id and request URI; confirm
 /// that error handlers log them server-side and never serialize them into the response.
 /// </remarks>
 public NotAuthorizedException(AppUserSession sess, List<string> roles)
     : base("You are not authorized to execute this operation.")
 {
     // Who was denied.
     UserID = sess.UserID.Value.ToString();
     SessionID = sess.SessionID.Value.ToString();

     // What was requested.
     Action = sess.Action;
     Controller = sess.Controller;
     URI = sess.URI;

     // Snapshot of the list, so later changes to the caller's list do not alter the exception.
     Roles = roles.ToArray();
 }
Пример #2
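        /// <summary>
        /// Returns the current session, first creating and persisting an anonymous
        /// (unauthenticated) one when no session exists yet.
        /// </summary>
        /// <param name="requestContext">Current HTTP context; its request supplies the client address, host and browser data.</param>
        /// <param name="ctx">Web API controller context; its route data supplies the "action" and "controller" values.</param>
        /// <returns>The existing session, or the newly stored anonymous session.</returns>
        /// <remarks>
        /// A new session is attributed to the user returned by <c>SetAnonUser</c>, expires one day
        /// after creation, and is written through <c>Db.AppUserSessions</c> before returning.
        /// Timestamps use <c>DateTime.Now</c> (server local time).
        /// </remarks>
        public AppUserSession StartAnonSession(HttpContext requestContext, System.Web.Http.Controllers.HttpControllerContext ctx)
        {
            HttpRequest r = requestContext.Request;
            if (this.Session != null)
            {
                return this.Session;
            }

            ApplicationUser u = this.SetAnonUser();
            AppUserSession session = new AppUserSession()
            {
                Created = DateTime.Now,
                Culture = CultureInfo.CurrentCulture.TwoLetterISOLanguageName,
                // NOTE(review): HostAddress and HostName both receive UserHostName; confirm
                // that HostAddress is not meant to hold a different value.
                HostAddress = r.UserHostName,
                IPAddress = r.UserHostAddress,
                LoginCount = 0,
                Authenticated = false,

                HostName = r.UserHostName,
                Expires = DateTime.Now.AddDays(1),
                // NOTE(review): Guid.NewGuid() is not documented as a cryptographic random source.
                // If Token or SessionID is later accepted as a credential, generate it with
                // System.Security.Cryptography.RandomNumberGenerator instead.
                Token = Guid.NewGuid(),
                SessionID = Guid.NewGuid(),
                Mode = Shared.Enum.AuthMode.LOCAL,
                UserID = u.UserID,
                Active = true,
                Action = ctx.RouteData.Values["action"].ToString(),
                Controller = ctx.RouteData.Values["controller"].ToString(),
                // NOTE(review): this persists the raw query string. Query parameters can carry
                // tokens or personal data; confirm that storing them is intended.
                URI = r.Url.Query
            };

            // Every browser-derived field sits behind one null check. The mobile-device test used
            // to run outside it and dereferenced Browser even when the check above had found null.
            var browser = r.Browser;
            if (browser != null)
            {
                session.Platform = browser.Platform;
                session.ScreenWidth = browser.ScreenPixelsWidth.ToString();
                session.ScreenHeight = browser.ScreenPixelsHeight.ToString();
                session.BrowserName = browser.Browser;
                // NOTE(review): UserAgent is filled with the browser name, not the User-Agent
                // header (HttpRequest.UserAgent). Kept as-is; confirm which value the audit
                // trail is supposed to hold.
                session.UserAgent = browser.Browser;

                if (browser.IsMobileDevice)
                {
                    session.IsMobileDevice = browser.IsMobileDevice;
                    session.MobileDeviceName = browser.MobileDeviceModel;
                }
            }

            this.Session = session;
            this.Db.AppUserSessions.Add(session);
            this.Db.SaveChanges();
            return this.Session;
        }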
Пример #3
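        /// <summary>
        /// Authenticates a user by e-mail address and password and, on success, creates and
        /// persists a new authenticated session.
        /// </summary>
        /// <param name="username">E-mail address matched against <c>UserEmailAddress</c>.</param>
        /// <param name="password">Clear-text password; hashed with <c>GetMd5Hash</c> before the lookup.</param>
        /// <param name="requestContext">Current HTTP context; its request supplies the client address, host and browser data.</param>
        /// <param name="ctx">Web API controller context; its route data supplies the "action" and "controller" values.</param>
        /// <returns>
        /// The existing session when it is already authenticated (credentials are not re-checked),
        /// the new session when the credentials match, or <c>null</c> when they do not.
        /// </returns>
        /// <exception cref="Exception">The matched user has no roles.</exception>
        /// <remarks>
        /// On a failed login the cached user and roles are cleared and an anonymous session is
        /// started. NOTE(review): nothing here records or throttles failed attempts; confirm that
        /// the caller or another layer does.
        /// </remarks>
        public AppUserSession Login(string username, string password, System.Web.HttpContext requestContext, System.Web.Http.Controllers.HttpControllerContext ctx)
        {
            if (this.Session != null && this.Session.Authenticated != false)
            {
                return this.Session;
            }

            System.Web.HttpRequest r = requestContext.Request;

            // NOTE(review): going by the helper's name and the MD5Hasher argument, the stored
            // credential is an MD5 digest with no per-user salt visible here. MD5 is fast to
            // brute-force if the user table leaks. Plan a migration to a salted, iterated scheme
            // (e.g. PBKDF2 via Rfc2898DeriveBytes) that re-hashes on the next successful login.
            // Left unchanged because it has to match the existing stored values.
            string pass = GetMd5Hash(this.MD5Hasher, password);
            ApplicationUser authUser = this.Db.ApplicationUsers
                .Where(w => w.UserEmailAddress == username && w.UserPassword == pass)
                .FirstOrDefault();

            if (authUser == null)
            {
                this.HasAuth = false;
                this.CurrentUser = null;
                this.CurrentUserRoles = null;
                this.StartAnonSession(requestContext, ctx);
                return null;
            }

            authUser.Roles = this.Db.U2R.Where(w => w.UserID == authUser.UserID).Select(s => s.Role).ToList();

            // Reject a role-less account before any state is touched. This check used to run after
            // CurrentUser and HasAuth were set, so a caller catching the exception was left with
            // HasAuth == true and no stored session.
            if (!authUser.Roles.Any())
            {
                throw new Exception($"None of the roles for the user {authUser.UserName} where found.");
            }

            AppUserSession session = new AppUserSession()
            {
                Authorized = false,
                Authenticated = true,
                Created = DateTime.Now,
                Culture = CultureInfo.CurrentCulture.TwoLetterISOLanguageName,
                // NOTE(review): HostAddress and HostName both receive UserHostName.
                HostAddress = r.UserHostName,
                IPAddress = r.UserHostAddress,
                LoginCount = 1,
                HostName = r.UserHostName,
                Expires = DateTime.Now.AddDays(1),
                // A fresh Token and SessionID are issued at login instead of reusing the anonymous
                // session's values. NOTE(review): Guid.NewGuid() is not documented as a
                // cryptographic random source; if either value is accepted as a credential,
                // generate it with System.Security.Cryptography.RandomNumberGenerator.
                Token = Guid.NewGuid(),
                SessionID = Guid.NewGuid(),
                Mode = Shared.Enum.AuthMode.LOCAL,
                UserID = authUser.UserID,
                Active = true,
                Action = ctx.RouteData.Values["action"].ToString(),
                Controller = ctx.RouteData.Values["controller"].ToString(),
                URI = "SECURE"
            };

            // Browser data is optional: StartAnonSession tolerates a null Browser, so Login does
            // too, rather than failing a valid login while building the session record.
            var browser = r.Browser;
            if (browser != null)
            {
                session.Platform = browser.Platform;
                session.ScreenWidth = browser.ScreenPixelsWidth.ToString();
                session.ScreenHeight = browser.ScreenPixelsHeight.ToString();
                session.BrowserName = browser.Browser;
                // NOTE(review): UserAgent is filled with the browser name, not the User-Agent header.
                session.UserAgent = browser.Browser;

                if (browser.IsMobileDevice)
                {
                    session.IsMobileDevice = browser.IsMobileDevice;
                    session.MobileDeviceName = browser.MobileDeviceModel;
                }
            }

            this.CurrentUser = authUser;
            this.HasAuth = true;
            this.CurrentUserRoles = authUser.Roles;
            this.Session = session;
            this.Db.AppUserSessions.Add(this.Session);
            this.Db.SaveChanges();
            return session;
        }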
Пример #4
 /// <summary>
 /// Reports whether the session's expiry time is earlier than the current server local time.
 /// </summary>
 /// <param name="sess">Session whose <c>Expires</c> value is checked.</param>
 /// <returns><c>true</c> when <c>Expires</c> is before <c>DateTime.Now</c>; otherwise <c>false</c>.</returns>
 public bool IsExpired(AppUserSession sess)
 {
     // NOTE(review): if Expires is declared nullable, a missing value compares as "not less
     // than now" and the session is reported as unexpired; confirm that Expires is always set.
     // The comparison uses local time, so a clock or DST shift moves the cutoff.
     return sess.Expires < DateTime.Now;
 }
Пример #5
 /// <summary>
 /// Tests the session's expiry time against "one hour ago", stores the outcome in
 /// <c>IsAlmostExpired</c> and returns it.
 /// </summary>
 /// <param name="session">Session whose <c>Expires</c> value is checked.</param>
 /// <returns><c>true</c> when <c>Expires</c> is later than the current local time minus one hour.</returns>
 /// <remarks>
 /// NOTE(review): as written, the result is true for every session that has not been expired
 /// for more than an hour, including one created moments ago with a full day left. If the
 /// intent is "expires within the next hour", the bound should be <c>DateTime.Now.AddHours(1)</c>
 /// with the comparison reversed. If callers renew sessions on a true result, the current
 /// condition turns the one-day lifetime into a sliding one; confirm against the callers.
 /// </remarks>
 public bool AlmostExpired(AppUserSession session)
 {
     DateTime threshold = DateTime.Now.AddHours(-1);
     bool result = session.Expires > threshold;

     this.IsAlmostExpired = result;
     return result;
 }