C# (CSharp) AuthCookie.GetCurrent示例

示例#1

        public static void SignOut(ISecurityService authenticationService)
        {
            var cookie = AuthCookie.GetCurrent();

            if (cookie != null)
            {
                if (!string.IsNullOrEmpty(cookie.SessionUid))
                {
                    HttpContext.Current.Cache.Remove(cookie.SessionUid);
                    //ICacheService cacheService = ((IContainer)System.Web.HttpContext.Current.Application["container"]).Resolve<ICacheService>();
                    //cacheService.Remove(string.Format("UserSessionID:{0}", cookie.SessionUid));
                    if (string.IsNullOrEmpty(cookie.Username))
                    {
                        authenticationService.SignOut(cookie.SessionUid);
                    }
                }

                cookie.SessionUid = null;
                cookie.Username   = null;
                cookie.UserRoles  = null;
                cookie.BranchCode = null;
                cookie.AuthExpiry = Helper.GetLocalDate().AddDays(-1);
                cookie.Delete();
            }

            //create a new anonymous identity/principal.
            var identity  = new System.Security.Principal.GenericIdentity("");
            var principal = new System.Security.Principal.GenericPrincipal(identity, null);

            //assign the anonymous principle to the context
            System.Web.HttpContext.Current.User      = principal;
            System.Threading.Thread.CurrentPrincipal = principal;
        }

示例#2

        public static string CheckAccessByCookie()
        {
            var current        = AuthCookie.GetCurrent();
            var settings       = SecurityConfig.GetCurrent();
            var cookieNotFound = (current == null || current.SessionUid == null);

            AuthenticationDataDto dto = null;

            if (cookieNotFound || (settings.Cookie.CookieOnlyCheck && current.AuthExpiry < Helper.GetLocalDate()))
            {
                return(null);
            }
            else if (!settings.Cookie.CookieOnlyCheck)
            {
                dto = Access.Renew(current.SessionUid);
                if (dto == null)
                {
                    return(null);
                }
                else
                {
                    return(string.Format("{0}||{1}", dto.Username.Trim(), dto.Roles.Trim()));
                }
            }
            else if (settings.Cookie.CookieOnlyCheck)
            {
                return(string.Format("{0}||{1}", current.Username.Trim(), current.UserRoles.Trim()));
            }
            return(null);
        }

示例#3

        internal static bool IsSessionActive(string sessionId)
        {
            if (string.IsNullOrEmpty(sessionId))
            {
                return(false);
            }
            var settings = SecurityConfig.GetCurrent();
            var current  = AuthCookie.GetCurrent();
            ISecurityService authenticationService = ((IContainer)System.Web.HttpContext.Current.Application["container"]).Resolve <ISecurityService>();
            var  userObject = authenticationService.GetUserBySessionId(sessionId);
            bool isActive   = false;

            if (userObject != null)
            {
                if ((!userObject.CurrentSessionId.HasValue || sessionId != userObject.CurrentSessionId.ToString()) ||
                    (userObject.LastActivityDate.Value.AddMinutes(settings.Cookie.Timeout) > Helper.GetLocalDate()) ||
                    ((userObject.ApprovalStatus != Constants.ApprovalStatus.Approved) || userObject.IsLockedOut || userObject.IsDeleted))
                {
                    if (userObject.LastActivityDate.Value.AddMinutes(settings.Cookie.Timeout) > Helper.GetLocalDate())
                    {
                        isActive = true;
                    }
                }
            }

            return(isActive);
        }

示例#4

文件： SecurityFilter.cs 项目： Johnobasi/PManagement

        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            base.OnAuthorization(filterContext);
            if (!_authorizationStatus)
            {
                var settings  = SecurityConfig.GetCurrent();
                var current   = AuthCookie.GetCurrent();
                var sessionID = string.Empty;
                if (current != null)
                {
                    sessionID = current.SessionUid;
                    current.Delete();
                }

                string loginUrl = (settings.Login.Url + settings.Login.Page).ToLower();

                var rawUrl      = filterContext.HttpContext.Request.RawUrl;
                var redirectUrl = string.Empty;

                if (!string.IsNullOrEmpty(rawUrl) && rawUrl != loginUrl)
                {
                    if (!rawUrl.Contains("xxkeyxx")) //auto logout key
                    {
                        if (!Access.IsSessionActive(sessionID))
                        {
                            redirectUrl = "?ReturnUrl=" + HttpUtility.UrlEncode(rawUrl, filterContext.HttpContext.Request.ContentEncoding);
                        }
                        else
                        {
                            redirectUrl = string.Empty;
                        }

                        AddAlert(AlertStyles.Danger, "Your session has expired or you do not have access to the page you are trying to access.", true);
                    }
                    else
                    {
                        AddAlert(AlertStyles.Danger, string.Format("You have been logged out due to inactivity for {0} minutes. Please log in again.", SecurityConfig.GetCurrent().Cookie.Timeout), true);
                    }
                }

                if (!string.IsNullOrEmpty(sessionID))
                {
                    var context         = HttpContext.Current;
                    var securityService = ((IContainer)context.Application["container"]).Resolve <ISecurityService>();
                    securityService.SignOut(sessionID);
                }

                filterContext.Result = new RedirectResult(loginUrl + redirectUrl);
                return;
            }
        }

示例#5

        private static ISecurityService PerfomAccessCheck(HttpContextBase context)
        {
            var settings = SecurityConfig.GetCurrent();
            var current  = AuthCookie.GetCurrent();
            ISecurityService authenticationService = ((IContainer)System.Web.HttpContext.Current.Application["container"]).Resolve <ISecurityService>();

            var cookieNotFound = (current == null || current.SessionUid == null);
            var cookiedDeleted = false;

            AuthenticationDataDto dto = null;

            if (cookieNotFound)
            {
                if (current != null)
                {
                    current.Delete();
                    cookiedDeleted = true;
                }
            }
            else if (settings.Cookie.CookieOnlyCheck && current.AuthExpiry < Helper.GetLocalDate())
            {
                current.Delete();
                cookiedDeleted = true;
            }
            else if (!settings.Cookie.CookieOnlyCheck)
            {
                dto = Access.Renew(current.SessionUid, authenticationService);
                if (dto == null)
                {
                    current.Delete();
                    cookiedDeleted = true;
                }
            }

            if (!cookiedDeleted)
            {
                if (dto == null)
                {
                    dto = new AuthenticationDataDto();
                }

                Identity identity = new Identity(new Guid(current.SessionUid),
                                                 settings.Cookie.CookieOnlyCheck ? current.Username : dto.Username,
                                                 settings.Cookie.CookieOnlyCheck ? current.UserRoles : dto.Roles, dto.FullName,
                                                 settings.Cookie.CookieOnlyCheck ? current.BranchCode : dto.BranchCode,
                                                 settings.Cookie.CookieOnlyCheck ? current.AccountType : dto.AccountType);
                var principal = new Principal(identity, identity.Roles, identity.AccountType);
                context.User            = principal;
                Thread.CurrentPrincipal = principal;

                if (settings.Cookie.SlidingExpiration && settings.Cookie.CookieOnlyCheck)
                {
                    current.AuthExpiry = Helper.GetLocalDate().AddMinutes(settings.Cookie.Timeout);
                    current.Save();
                }
            }

            var ip = context.Request.UserHostAddress;

            return(authenticationService);
        }