/// <summary>
/// Signs in the account resolved from <paramref name="userInfo"/> by issuing a
/// persistent forms-authentication cookie whose ticket carries the panel's user data.
/// </summary>
/// <param name="userInfo">External identity passed to GetUserFromUserInfo.</param>
/// <returns><c>true</c> when a cookie was added to the response; <c>false</c> when no user was resolved.</returns>
private bool LoginUser(UserInfo userInfo)
{
    var user = GetUserFromUserInfo(userInfo);
    if (user == null)
    {
        return false;
    }

    // Start from the framework-built persistent cookie so name, path and flags follow configuration.
    var authCookie = FormsAuthentication.GetAuthCookie(user.UserId.ToString(), true);

    // User data stored inside the encrypted ticket.
    var ticketData = new FormsAuthenticationCookieData();
    ticketData["lastlogdate"] = user.LastLoginUtc.ToString(CultureInfo.InvariantCulture);
    ticketData["lastlogip"] = user.LastLoginIp;
    ticketData["userkey"] = user.CustomFields["__TCA:COOKIE_KEY"].ToString();
    ticketData["userid"] = user.UserId.ToString();

    // Rebuild the ticket: same version and name, issued now, expiry pushed out by 30 days, persistent.
    var issuedTicket = FormsAuthentication.Decrypt(authCookie.Value);
    var extendedExpiry = issuedTicket.Expiration.AddDays(30);
    var extendedTicket = new FormsAuthenticationTicket(
        issuedTicket.Version,
        issuedTicket.Name,
        DateTime.Now,
        extendedExpiry,
        true,
        ticketData.ToString());

    authCookie.Value = FormsAuthentication.Encrypt(extendedTicket);
    HttpContext.Response.Cookies.Add(authCookie);
    return true;
}
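/// <summary>
/// Switches the current session to the account identified by <paramref name="userId"/>.
/// The caller's own auth cookie value and user id are saved in the "Impersonation" and
/// "ImpersonationUser" cookies, then a non-persistent auth cookie for the target is issued.
/// </summary>
/// <param name="userId">Id of the account to impersonate.</param>
/// <returns>
/// A redirect to "/" on success; on refusal, a redirect to the referring page
/// (or "/" when the request carries no referrer).
/// </returns>
/// <remarks>
/// NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this action, and the
/// type check below is a deny-list. Confirm that the controller or route restricts this
/// action to administrative accounts and that it cannot be triggered cross-site.
/// </remarks>
public ActionResult AsUser(int userId)
{
    var currentUser = TCAdmin.SDK.Session.GetCurrentUser();

    if (currentUser.DemoMode)
    {
        TCAdmin.SDK.LogManager.WriteToLog("Impersonation", $"{currentUser.UserName} tried to impersonate but failed due to they are a demo account.", true, "Impersonation");
        // Redirect() throws on a null/empty URL, so fall back to the site root when no Referer was sent.
        return Redirect(Request.UrlReferrer?.ToString() ?? "/");
    }

    var user = new User(userId);

    // Refuse Admin -> Admin, SubAdmin -> SubAdmin and SubAdmin -> Admin.
    // NOTE(review): any other combination of caller/target type falls through to impersonation.
    var sameOrHigherPrivilege =
        (currentUser.UserType == UserType.Admin && user.UserType == UserType.Admin)
        || (currentUser.UserType == UserType.SubAdmin && user.UserType == UserType.SubAdmin)
        || (currentUser.UserType == UserType.SubAdmin && user.UserType == UserType.Admin);
    if (sameOrHigherPrivilege)
    {
        TCAdmin.SDK.LogManager.WriteToLog("Impersonation", $"{currentUser.UserName} tried to impersonate {user.UserName} but failed due to {currentUser.UserType} > {user.UserType}", true, "Impersonation");
        return Redirect(Request.UrlReferrer?.ToString() ?? "/");
    }

    // Session-only auth cookie for the target account.
    var cookie = FormsAuthentication.GetAuthCookie(user.UserId.ToString(), false);
    var cookieData = new FormsAuthenticationCookieData
    {
        ["lastlogdate"] = user.LastLoginUtc.ToString(CultureInfo.InvariantCulture),
        ["lastlogip"] = user.LastLoginIp,
        ["userkey"] = user.CustomFields["__TCA:COOKIE_KEY"].ToString(),
        ["userid"] = user.UserId.ToString()
    };

    // This cookie holds a copy of the "__TCAdmin2" cookie value (presumably the caller's own
    // auth ticket), so it is a bearer credential for the original account. Keep it out of
    // reach of script and give it the same Secure setting as the auth cookie it mirrors.
    var impersonationCookie = new HttpCookie("Impersonation", this.Request.Cookies.Get("__TCAdmin2")?.Value)
    {
        HttpOnly = true,
        Secure = cookie.Secure
    };

    // NOTE(review): plain user id, readable and editable by the client. Whatever ends the
    // impersonation should validate the saved ticket rather than trust this value alone.
    var impersonationUserCookie = new HttpCookie("ImpersonationUser", currentUser.UserId.ToString());

    HttpContext.Response.Cookies.Add(impersonationCookie);
    HttpContext.Response.Cookies.Add(impersonationUserCookie);

    // Re-issue the ticket unchanged except for the user data payload.
    var oldTicket = FormsAuthentication.Decrypt(cookie.Value);
    var newTicket = new FormsAuthenticationTicket(
        oldTicket.Version,
        oldTicket.Name,
        oldTicket.IssueDate,
        oldTicket.Expiration,
        oldTicket.IsPersistent,
        cookieData.ToString());
    cookie.Value = FormsAuthentication.Encrypt(newTicket);
    HttpContext.Response.Cookies.Add(cookie);

    TCAdmin.SDK.LogManager.WriteToLog("Impersonation", $"{currentUser.UserName} is now impersonating as {user.UserName}", true, "Impersonation");
    return Redirect("/");
}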