/// <summary>
/// Request filter that prepares an already-authenticated session for a credential re-check.
/// When the DTO is an <c>Authenticate</c> request for any provider other than the logout
/// action, a copy of the session is stored in the request items and the identity fields on
/// the live session are blanked, so the auth provider validates the submitted credentials
/// instead of accepting the existing session.
/// </summary>
/// <param name="request">Current request; its session and <c>Items</c> are read and modified.</param>
/// <param name="response">Not used by this filter.</param>
/// <param name="dto">Request DTO; nothing happens when it is null or not an <c>Authenticate</c>.</param>
private void OnRequestStart(IRequest request, IResponse response, object dto)
{
    if (dto == null)
    {
        return;
    }

    // The session is resolved for every non-null DTO, before the DTO type is inspected.
    var liveSession = request.GetSession();
    if (!liveSession.IsAuthenticated)
    {
        return;
    }

    var authRequest = dto as Authenticate;
    if (authRequest == null)
    {
        return;
    }

    // A logout request is left untouched; only re-authentication attempts are intercepted.
    if (AuthenticateService.LogoutAction.EqualsIgnoreCase(authRequest.provider))
    {
        return;
    }

    // Keep the pre-re-authentication state on the request under SessionCopyRequestItemKey.
    // NOTE(review): presumably read back by the response-side filter to restore the session
    // after the credential check - confirm against OnRequestEnd.
    var snapshot = AuthenticateService.CurrentSessionFactory().PopulateWith(liveSession);
    request.Items[SessionCopyRequestItemKey] = snapshot;

    // Clear details to allow credentials to be rechecked, otherwise IsAuthorized will just
    // return, bypassing the auth provider's Authenticate method.
    // These are the fields checked by LoginMatchesSession.
    // NOTE(review): only these two fields are cleared and IsAuthenticated is not changed here,
    // so the re-check depends on the provider matching on UserAuthName / Email - verify this
    // for any custom auth provider.
    liveSession.UserAuthName = null;
    liveSession.Email = null;
}
/// <summary>
/// Builds a fresh session from the configured session factory without assigning an Id.
/// Both timestamps are set to the current UTC time, then the session's own
/// <c>OnCreated</c> hook and any registered <c>IAuthEvents</c> are notified.
/// </summary>
/// <param name="httpReq">Request passed through to the <c>OnCreated</c> callbacks.</param>
/// <returns>The newly created session; this method does not set its Id.</returns>
public static IAuthSession CreateNewSession(IRequest httpReq)
{
    var created = AuthenticateService.CurrentSessionFactory();

    // Same instant for both fields, assigned in the original order (LastModified, then CreatedAt).
    var utcNow = DateTime.UtcNow;
    created.LastModified = utcNow;
    created.CreatedAt = utcNow;

    created.OnCreated(httpReq);

    // IAuthEvents is optional: TryResolve may yield null, in which case no event is raised.
    var listeners = HostContext.TryResolve<IAuthEvents>();
    if (listeners != null)
    {
        listeners.OnCreated(httpReq, created);
    }

    return created;
}
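/// <summary>
/// Wires this feature into the host: adds the request-start and request-end filters to the
/// host's global filter lists and subscribes this instance to the <c>AuthFeature</c> auth events.
/// </summary>
/// <param name="appHost">Host whose global filters and plugins are used.</param>
/// <exception cref="NotSupportedException">
/// The configured session type does not implement <c>IWebSudoAuthSession</c>, or no
/// <c>AuthFeature</c> plugin is registered on the host.
/// </exception>
public void Register(IAppHost appHost)
{
    // A throw-away session instance is created only to check the configured session type.
    if (!(AuthenticateService.CurrentSessionFactory() is IWebSudoAuthSession))
    {
        throw new NotSupportedException("The IUserAuth session must also implement IWebSudoAuthSession");
    }

    // Resolve the dependency before touching the host. Previously the filters were added
    // first and a missing AuthFeature then surfaced as a NullReferenceException, leaving the
    // request/response filters installed without the auth-event subscription.
    var authFeature = appHost.GetPlugin<AuthFeature>();
    if (authFeature == null)
    {
        throw new NotSupportedException("The AuthFeature plugin must be registered before this plugin");
    }

    appHost.GlobalRequestFilters.Add(OnRequestStart);
    appHost.GlobalResponseFilters.Add(OnRequestEnd);
    authFeature.AuthEvents.Add(this);
}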
/// <summary>
/// Resolves the session for a request. Unless <paramref name="reload"/> is set, a session
/// already stored in the request items is returned directly; otherwise the session is looked
/// up in the cache by the request's session id, and a new one is created when none is found.
/// The result is stored in the request items before it is returned.
/// </summary>
/// <param name="httpReq">Request to resolve the session for; null yields null.</param>
/// <param name="reload">When true, the per-request copy is ignored and the cache is queried again.</param>
/// <returns>The resolved or newly created session, or null when <paramref name="httpReq"/> is null.</returns>
public static IAuthSession GetSession(this IRequest httpReq, bool reload = false)
{
    if (httpReq == null)
    {
        return null;
    }

    if (!reload)
    {
        // Fast path: reuse the session memoized on this request.
        httpReq.Items.TryGetValue(RequestItemsSessionKey, out object memoized);
        if (memoized != null)
        {
            return (IAuthSession)memoized;
        }
    }

    using (var cache = httpReq.GetCacheClient())
    {
        var sessionId = httpReq.GetSessionId();
        var resolved = cache.Get<IAuthSession>(SessionFeature.GetSessionKey(sessionId));

        if (resolved == null)
        {
            // Cache miss: build a new session that adopts the id taken from the request.
            // It is not written to the cache in this method.
            // NOTE(review): if GetSessionId() returns a client-supplied value, the new session
            // keeps that id - confirm the id is regenerated when the user later authenticates.
            resolved = AuthenticateService.CurrentSessionFactory();
            resolved.Id = sessionId;

            var utcNow = DateTime.UtcNow;
            resolved.LastModified = utcNow;
            resolved.CreatedAt = utcNow;

            resolved.OnCreated(httpReq);

            var listeners = HostContext.TryResolve<IAuthEvents>();
            listeners?.OnCreated(httpReq, resolved);
        }

        // Replace any existing entry; Remove is a no-op when the key is absent.
        httpReq.Items.Remove(RequestItemsSessionKey);
        httpReq.Items.Add(RequestItemsSessionKey, resolved);

        return resolved;
    }
}
/// <summary>
/// Builds a fresh session from the configured session factory and gives it an Id:
/// <paramref name="sessionId"/> when supplied, otherwise the value returned by
/// <c>CreateSessionIds</c>. Both timestamps are set to the current UTC time, then the
/// session's own <c>OnCreated</c> hook and any registered <c>IAuthEvents</c> are notified.
/// </summary>
/// <param name="httpReq">Request used for id creation and passed to the <c>OnCreated</c> callbacks.</param>
/// <param name="sessionId">Id to assign, or null to have one created for the request.</param>
/// <returns>The newly created session.</returns>
public static IAuthSession CreateNewSession(IRequest httpReq, string sessionId)
{
    var created = AuthenticateService.CurrentSessionFactory();

    // CreateSessionIds runs only when no id was passed in.
    // NOTE(review): a non-null sessionId is used verbatim - callers should pass only
    // server-issued ids, not values taken unchecked from the client.
    if (sessionId != null)
    {
        created.Id = sessionId;
    }
    else
    {
        created.Id = CreateSessionIds(httpReq);
    }

    // Same instant for both fields, assigned in the original order (LastModified, then CreatedAt).
    var utcNow = DateTime.UtcNow;
    created.LastModified = utcNow;
    created.CreatedAt = utcNow;

    created.OnCreated(httpReq);

    // IAuthEvents is optional: TryResolve may yield null, in which case no event is raised.
    var listeners = HostContext.TryResolve<IAuthEvents>();
    listeners?.OnCreated(httpReq, created);

    return created;
}