        /// <summary>
        /// Issues a forms-authentication cookie for the account resolved from
        /// <paramref name="userInfo"/> and appends it to the current response.
        /// </summary>
        /// <param name="userInfo">Identity data handed to GetUserFromUserInfo.</param>
        /// <returns>
        /// <c>false</c> when no account could be resolved; <c>true</c> once the cookie has been queued.
        /// </returns>
        private bool LoginUser(UserInfo userInfo)
        {
            // NOTE(review): nothing in this method verifies a credential; it presumably relies on
            // the caller having authenticated userInfo already - confirm at the call site.
            var user = GetUserFromUserInfo(userInfo);
            if (user == null)
            {
                return false;
            }

            // Persistent cookie keyed on the user id.
            var authCookie = FormsAuthentication.GetAuthCookie(user.UserId.ToString(), true);

            // Extra values carried in the ticket's user-data slot.
            var ticketPayload = new FormsAuthenticationCookieData();
            ticketPayload["lastlogdate"] = user.LastLoginUtc.ToString(CultureInfo.InvariantCulture);
            ticketPayload["lastlogip"]   = user.LastLoginIp;
            ticketPayload["userkey"]     = user.CustomFields["__TCA:COOKIE_KEY"].ToString();
            ticketPayload["userid"]      = user.UserId.ToString();

            // Rebuild the ticket that GetAuthCookie produced so it can carry the payload.
            var issuedTicket = FormsAuthentication.Decrypt(authCookie.Value);

            // The rebuilt ticket is valid for 30 days beyond the expiration of the issued one,
            // so a copied cookie value stays usable for that whole window.
            // NOTE(review): confirm this lifetime is intended for a persistent login.
            var issuedAt  = DateTime.Now;
            var expiresAt = issuedTicket.Expiration.AddDays(30);

            var extendedTicket = new FormsAuthenticationTicket(
                issuedTicket.Version,
                issuedTicket.Name,
                issuedAt,
                expiresAt,
                true,
                ticketPayload.ToString());

            // Only the value is swapped; every other cookie property stays as GetAuthCookie set it.
            authCookie.Value = FormsAuthentication.Encrypt(extendedTicket);
            HttpContext.Response.Cookies.Add(authCookie);

            return true;
        }
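        /// <summary>
        /// Replaces the caller's forms-authentication cookie with one issued for
        /// <paramref name="userId"/>, keeping the caller's own ticket and user id in the
        /// "Impersonation" and "ImpersonationUser" cookies.
        /// </summary>
        /// <param name="userId">Id of the account to impersonate; supplied by the request.</param>
        /// <returns>
        /// A redirect to "/" on success; on refusal, a redirect to the referring page, or to "/"
        /// when the request carries no referrer.
        /// </returns>
        // NOTE(review): no [HttpPost] or anti-forgery attribute is visible on this action in this
        // excerpt. If it is reachable by a plain GET, a cross-site link could switch an admin's
        // session - confirm the attributes applied at class or route level.
        public ActionResult AsUser(int userId)
        {
            var currentUser = TCAdmin.SDK.Session.GetCurrentUser();

            if (currentUser.DemoMode)
            {
                TCAdmin.SDK.LogManager.WriteToLog("Impersonation",
                                                  $"{currentUser.UserName} tried to impersonate but failed due to they are a demo account.",
                                                  true, "Impersonation");
                // Redirect() rejects a null or empty URL, so fall back to the site root when the
                // request has no Referer header.
                return(Redirect(Request.UrlReferrer?.ToString() ?? "/"));
            }

            // NOTE(review): userId comes straight from the request; what User does for an id that
            // does not exist is not visible here.
            var user = new User(userId);

            // Deny-list: equal rank (Admin->Admin, SubAdmin->SubAdmin) and upward (SubAdmin->Admin).
            // NOTE(review): a caller whose UserType is neither Admin nor SubAdmin is not rejected by
            // this condition. Presumably access to this action is restricted elsewhere - confirm,
            // or turn the check into an allow-list so unknown types are denied by default.
            if (currentUser.UserType == UserType.Admin && user.UserType == UserType.Admin ||
                currentUser.UserType == UserType.SubAdmin && user.UserType == UserType.SubAdmin ||
                currentUser.UserType == UserType.SubAdmin && user.UserType == UserType.Admin)
            {
                TCAdmin.SDK.LogManager.WriteToLog("Impersonation",
                                                  $"{currentUser.UserName} tried to impersonate {user.UserName} but failed due to {currentUser.UserType} > {user.UserType}",
                                                  true, "Impersonation");
                return(Redirect(Request.UrlReferrer?.ToString() ?? "/"));
            }

            // Session (non-persistent) cookie for the impersonated account.
            var cookie     = FormsAuthentication.GetAuthCookie(user.UserId.ToString(), false);
            var cookieData = new FormsAuthenticationCookieData
            {
                ["lastlogdate"] = user.LastLoginUtc.ToString(CultureInfo.InvariantCulture),
                ["lastlogip"]   = user.LastLoginIp,
                ["userkey"]     = user.CustomFields["__TCA:COOKIE_KEY"].ToString(),
                ["userid"]      = user.UserId.ToString()
            };

            // The "Impersonation" cookie holds a copy of the caller's own "__TCAdmin2" cookie value.
            // A plain HttpCookie is neither HttpOnly nor Secure by default, which would leave that
            // ticket readable by page script; keep it HttpOnly and mirror the auth cookie's Secure flag.
            var impersonationCookie = new HttpCookie("Impersonation", this.Request.Cookies.Get("__TCAdmin2")?.Value)
            {
                HttpOnly = true,
                Secure   = cookie.Secure
            };

            // NOTE(review): this value is an unsigned user id the client can rewrite; whatever
            // reads it back should take the identity from the preserved ticket, not this cookie.
            var impersonationUserCookie = new HttpCookie("ImpersonationUser", currentUser.UserId.ToString())
            {
                Secure = cookie.Secure
            };

            HttpContext.Response.Cookies.Add(impersonationCookie);
            HttpContext.Response.Cookies.Add(impersonationUserCookie);

            // Re-issue the ticket with the same version, name, dates and persistence, adding the user data.
            var oldTicket = FormsAuthentication.Decrypt(cookie.Value);
            var newTicket = new FormsAuthenticationTicket(oldTicket.Version, oldTicket.Name, oldTicket.IssueDate,
                                                          oldTicket.Expiration, oldTicket.IsPersistent, cookieData.ToString());

            cookie.Value = FormsAuthentication.Encrypt(newTicket);
            HttpContext.Response.Cookies.Add(cookie);

            TCAdmin.SDK.LogManager.WriteToLog("Impersonation",
                                              $"{currentUser.UserName} is now impersonating as {user.UserName}", true, "Impersonation");

            return(Redirect("/"));
        }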