Пример #1
0
 /// <summary>
 /// Logs the use out, clears session and redirects the user to the login page.
 /// </summary>
 public virtual void LogOut(IAuthenticationManager auth = null, bool logThis = false)
 {
     try
     {
         if (logThis)
         {
             try
             {
                 var funMemUser = GetCurrentlyLoggedInUser();
                 if (funMemUser != null)
                 {
                     _httpContext.Session[SS_CURRENT_USER] = funMemUser;
                     MyServiceLocator.GetInstance <IAuditTrailLogger>().AuditLogin(EventType.Logout);
                 }
             }
             catch { }
         }
         _httpContext.Session.Clear();
         _httpContext.Session.Abandon();
         if (auth == null)
         {
             auth = _httpContext.GetOwinContext().Authentication;
         }
         auth.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
     }
     catch (Exception ex)
     {
         Utilities.Logger.Log(ex);
     }
 }
Пример #2
0
        public static HashSet <ActionAccessPrivilege> SetLoggedInUsersPrivileges(this AppUser user)
        {
            HashSet <ActionAccessPrivilege> list = new HashSet <ActionAccessPrivilege>();
            var    _userRoleEngine = MyServiceLocator.GetInstance <ICoreDAO <UserRole> >();
            string instCode        = user.InstitutionCode;

            _userRoleEngine.InstitutionCode = instCode;

            var theUserRoles = _userRoleEngine.RetrieveByIDs(user.UserRoleIDs.ToArray());

            var privilegesInDb = DataCacheMVC.AllPrivileges;

            if (theUserRoles != null && theUserRoles.Count > 0)
            {
                ActionAccessPrivilege privilege;
                string roleNames = string.Empty;
                foreach (var userRole in theUserRoles)
                {
                    roleNames += $"{userRole.Name} / ";
                    foreach (var priv in userRole.PrivilegeIDs)
                    {
                        if (privilegesInDb.TryGetValue(priv, out privilege) && privilege != null)
                        {
                            list.Add(privilege);
                        }
                    }
                }
                user.RoleNames = roleNames.Substring(0, roleNames.Length - 3);
            }
            var defaultPrivs = privilegesInDb.Values.Where(x => x.IsDefault);

            if (!string.IsNullOrWhiteSpace(instCode)) // If Tenant
            {
                defaultPrivs = defaultPrivs.Where(x => x.Scope != AccessScope.CentralOnly);
            }
            else
            {
                defaultPrivs = defaultPrivs.Where(x => x.Scope != AccessScope.TenantsOnly);
            }
            foreach (var priv in defaultPrivs)
            {
                list.Add(priv);
            }

            WebUtilities.LoggedInUsersPrivilegesDict = list.ToDictionary(x => x.Name, StringComparer.OrdinalIgnoreCase);
            return(list);
        }
Пример #3
0
        public virtual IdentityUser GetCurrentlyLoggedInUser()
        {
            try
            {
                var session = _httpContext.Session;
                if (session != null)
                {
                    IdentityUser user = session[SS_CURRENT_USER] as IdentityUser;
                    if (user == null)
                    {
                        if (_httpContext.User != null && _httpContext.User.Identity != null &&
                            _httpContext.User.Identity.IsAuthenticated)
                        {
                            var dao = MyServiceLocator.GetInstance <IAppUserDAO <IdentityUser> >();
                            dao.InstitutionCode = InstitutionCode;
                            var userId = _httpContext.User.Identity.GetUserId <long>();
                            if (userId > 0)
                            {
                                user = dao.Retrieve(userId);
                            }
                            if (user == null)
                            {
                                throw new LogOutUserException($"Called WebHelper.GetCurrentlyLoggedInUser(): Failed to get user [id: {userId}. instCode: {dao.InstitutionCode}]");
                            }

                            user.InstitutionCode = dao.InstitutionCode; //Needful? Maybe not.
                            _httpContext.Session[SS_CURRENT_USER] = user;
                        }
                    }
                    return(user);
                }
                return(null);
            }
            catch (Exception ex) when(!(ex is LogOutUserException))
            {
                Utilities.Logger.Log(ex);
                return(null);
            }
        }