public static IAuthSession GetSession(this IHttpRequest httpReq, bool reload = false)
{
if (httpReq == null) return null;
object oSession = null;
if (!reload)
httpReq.Items.TryGetValue(RequestItemsSessionKey, out oSession);
if (oSession != null)
return (IAuthSession)oSession;
using (var cache = httpReq.GetCacheClient())
{
var sessionId = httpReq.GetSessionId();
var session = cache.Get<IAuthSession>(SessionFeature.GetSessionKey(sessionId));
if (session == null)
{
session = AuthService.CurrentSessionFactory();
session.Id = sessionId;
session.CreatedAt = session.LastModified = DateTime.UtcNow;
session.OnCreated(httpReq);
}
httpReq.Items.Add(RequestItemsSessionKey, session);
return session;
}
}
public static IAuthSession GetSession(this ICacheClient cache, string sessionId)
{
var session = cache.Get <IAuthSession>(SessionFeature.GetSessionKey(sessionId));
if (session == null)
{
session = AuthService.CurrentSessionFactory();
session.Id = sessionId;
session.CreatedAt = session.LastModified = DateTime.UtcNow;
}
return(session);
}
public static void RemoveSession(this IHttpRequest httpReq)
{
if (httpReq == null) return;
using (var cache = httpReq.GetCacheClient())
{
var sessionKey = SessionFeature.GetSessionKey(httpReq.GetSessionId());
cache.Remove(sessionKey);
}
httpReq.Items.Remove(RequestItemsSessionKey);
}
public static void SaveSession(this IHttpRequest httpReq, IAuthSession session, TimeSpan? expiresIn = null)
{
if (httpReq == null) return;
using (var cache = httpReq.GetCacheClient())
{
var sessionKey = SessionFeature.GetSessionKey(httpReq.GetSessionId());
cache.CacheSet(sessionKey, session, expiresIn ?? AuthFeature.GetDefaultSessionExpiry());
}
httpReq.Items[RequestItemsSessionKey] = session;
}
public static TUserSession SessionAs <TUserSession>(this ICacheClient cache)
{
if (SessionKey != null)
{
return(cache.Get <TUserSession>(SessionKey));
}
SessionFeature.CreateSessionIds();
var unAuthorizedSession = typeof(TUserSession).CreateInstance();
return((TUserSession)unAuthorizedSession);
}
//Also shared by RequiredRoleAttribute and RequiredPermissionAttribute
public static void AuthenticateIfBasicAuth(IHttpRequest req, IHttpResponse res)
{
//Need to run SessionFeature filter since its not executed before this attribute (Priority -100)
SessionFeature.AddSessionIdToRequestFilter(req, res, null); //Required to get req.GetSessionId()
var userPass = req.GetBasicAuthUserAndPassword();
if (userPass != null)
{
var authService = req.TryResolve <AuthService>();
authService.RequestContext = new HttpRequestContext(req, res, null);
var response = authService.Post(new Auth.Auth {
provider = BasicAuthProvider.Name,
UserName = userPass.Value.Key,
Password = userPass.Value.Value
});
}
}
protected TUserSession SessionAs <TUserSession>()
{
if (userSession != null)
{
return((TUserSession)userSession);
}
if (SessionKey != null)
{
userSession = this.GetAppHost().GetCacheClient().Get <TUserSession>(SessionKey);
}
else
{
SessionFeature.CreateSessionIds();
}
var unAuthorizedSession = typeof(TUserSession).CreateInstance();
return((TUserSession)(userSession ?? (userSession = unAuthorizedSession)));
}
protected virtual TUserSession SessionAs <TUserSession>()
{
if (userSession != null)
{
return((TUserSession)userSession);
}
if (SessionKey != null)
{
userSession = Cache.Get <TUserSession>(SessionKey);
}
else
{
SessionFeature.CreateSessionIds();
}
var unAuthorizedSession = typeof(TUserSession).CreateInstance();
return((TUserSession)(userSession ?? (userSession = unAuthorizedSession)));
}
public static TUserSession SessionAs <TUserSession>(this ICacheClient cache,
IHttpRequest httpReq = null, IHttpResponse httpRes = null)
{
var sessionKey = GetSessionKey(httpReq);
if (sessionKey != null)
{
var userSession = cache.Get <TUserSession>(sessionKey);
if (!Equals(userSession, default(TUserSession)))
{
return(userSession);
}
}
if (sessionKey == null)
{
SessionFeature.CreateSessionIds(httpReq, httpRes);
}
var unAuthorizedSession = (TUserSession)typeof(TUserSession).CreateInstance();
return(unAuthorizedSession);
}
public static void AuthenticateIfDigestAuth(IHttpRequest req, IHttpResponse res)
{
//Need to run SessionFeature filter since its not executed before this attribute (Priority -100)
SessionFeature.AddSessionIdToRequestFilter(req, res, null); //Required to get req.GetSessionId()
var digestAuth = req.GetDigestAuth();
if (digestAuth != null)
{
var authService = req.TryResolve <AuthService>();
authService.RequestContext = new HttpRequestContext(req, res, null);
var response = authService.Post(new Auth.Auth
{
provider = DigestAuthProvider.Name,
nonce = digestAuth["nonce"],
uri = digestAuth["uri"],
response = digestAuth["response"],
qop = digestAuth["qop"],
nc = digestAuth["nc"],
cnonce = digestAuth["cnonce"],
UserName = digestAuth["username"]
});
}
}
public static string GetSessionKey(IHttpRequest httpReq = null)
{
var sessionId = SessionFeature.GetSessionId(httpReq);
return(sessionId == null ? null : SessionFeature.GetSessionKey(sessionId));
}