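/// <summary>
/// Login page entry point. An authenticated user is sent to the home page. Otherwise the remembered
/// session named by the "SessionId"/"SessionKey" cookies is checked; when it can be resumed the user
/// is signed in, the session is rotated (the presented record is retired and a fresh id/key pair is
/// issued to the browser) and the browser is redirected. In every other case the remembered session,
/// if one was found, is retired and a new QR login session is started.
/// </summary>
/// <param name="errorMessage">Accepted for binding compatibility; this action does not read it.</param>
/// <param name="ReturnUrl">Optional post-login destination. Only a local URL is honoured; anything
/// else falls back to the home page, so the parameter cannot serve as an open redirect.</param>
/// <returns>A redirect for a resumed session, otherwise the "Login" view carrying the QR session data.</returns>
public async Task<ActionResult> Login(string errorMessage = null, string ReturnUrl = null)
{
    if (User.Identity.IsAuthenticated)
    {
        return RedirectToAction("Index", "Home", new { status = 2 });
    }

    // Disposed when the action finishes; the previous version leaked one context per request.
    using (ObserverDbContext _db = new ObserverDbContext())
    {
        HttpCookie idCookie = Request.Cookies.Get("SessionId");
        HttpCookie keyCookie = Request.Cookies.Get("SessionKey");
        string sessionId = idCookie != null ? idCookie.Value : null;
        string sessionKey = keyCookie != null ? keyCookie.Value : null;

        LoginSessionsModel session = null;
        if (!String.IsNullOrEmpty(sessionId))
        {
            session = _db.LoginSessions.Where(e => e.Id == sessionId).FirstOrDefault();
        }

        // A remembered session is resumable only when it is bound to this browser (same user agent),
        // presents the matching key, is in a signed-in state (3 or 5, which also excludes the retired
        // state 6) and its SessionDate is less than two months old. Null checks replace the
        // NullReferenceException the previous version relied on for the "no cookies" case.
        bool resumable = session != null
            && session.Users != null
            && !String.IsNullOrEmpty(sessionKey)
            && session.UserAgent == Request.UserAgent
            && session.Key == sessionKey
            && (session.Status == 3 || session.Status == 5)
            && session.SessionDate.AddMonths(2) > DateTime.UtcNow;

        if (resumable)
        {
            ApplicationUser user = UserManager.FindById(session.Users.Id);
            if (user != null)
            {
                await SignInManager.SignInAsync(user, true, true);

                // Rotation: retire the presented session and hand the browser a new id/key pair.
                // SessionDate is carried over, so the two-month limit counts from the original
                // sign-in rather than from each rotation.
                string newId = Guid.NewGuid().ToString();
                string newKey = NewSessionKey();
                LoginSessionsModel rotated = new LoginSessionsModel()
                {
                    Id = newId,
                    Key = newKey,
                    Status = 3,
                    Users = session.Users,
                    Ip = Request.UserHostAddress,
                    UserAgent = Request.UserAgent,
                    DateCreation = DateTime.UtcNow,
                    SessionDate = session.SessionDate
                };
                session.Status = 6;
                _db.LoginSessions.Add(rotated);
                _db.SaveChanges();
                // Cookies are written only after the new record has been persisted.
                WriteSessionCookies(newId, newKey, DateTime.Now.AddMonths(2));

                if (String.IsNullOrEmpty(ReturnUrl) || !Url.IsLocalUrl(ReturnUrl))
                {
                    return RedirectToAction("Index", "Home", new { status = 13, name = session.Users.Name });
                }
                // The name travels in the query string, so it is URL-encoded.
                string userName = session.Users.Name ?? String.Empty;
                string separator = ReturnUrl.Contains("?") ? "&" : "?";
                return Redirect(ReturnUrl + separator + "status=13&name=" + Uri.EscapeDataString(userName));
            }
        }

        // No resumable session: retire whatever the cookies pointed at and fall back to QR login.
        if (session != null)
        {
            session.Status = 6;
        }
        return StartQrLoginSession(_db, ReturnUrl);
    }
}

/// <summary>
/// Builds a fresh session key: the project's SHA-256 helper applied to two independently generated
/// random GUIDs, exactly as the inline code did before.
/// </summary>
private string NewSessionKey()
{
    byte[] first = Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString());
    byte[] second = Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString());
    return HashingAlgorithmServiceManager.GenerateSHA256(first, second);
}

/// <summary>
/// Writes (or, given a past <paramref name="expires"/>, deletes) the "SessionId"/"SessionKey"
/// cookies. HttpOnly keeps them out of page script; Secure follows the request's own transport,
/// which is all this code can tell without proxy headers. Assumes no client script reads these
/// cookies: the QR page receives its id and key through ViewBag, not through the cookies.
/// </summary>
/// <param name="sessionId">Cookie value for "SessionId"; null when deleting.</param>
/// <param name="sessionKey">Cookie value for "SessionKey"; null when deleting.</param>
/// <param name="expires">Expiry applied to both cookies.</param>
private void WriteSessionCookies(string sessionId, string sessionKey, DateTime expires)
{
    HttpCookie idCookie = new HttpCookie("SessionId");
    idCookie.Value = sessionId;
    idCookie.Expires = expires;
    idCookie.HttpOnly = true;
    idCookie.Secure = Request.IsSecureConnection;
    Response.SetCookie(idCookie);

    HttpCookie keyCookie = new HttpCookie("SessionKey");
    keyCookie.Value = sessionKey;
    keyCookie.Expires = expires;
    keyCookie.HttpOnly = true;
    keyCookie.Secure = Request.IsSecureConnection;
    Response.SetCookie(keyCookie);
}

/// <summary>
/// Starts a QR login: stores a pending session (status 1) with a random key, renders the QR code
/// that points at /QRLogin for it, deletes any stale session cookies and returns the "Login" view
/// with the session id, key and QR image in ViewBag.
/// </summary>
/// <param name="db">Context the new session is added to; changes are saved here.</param>
/// <param name="returnUrl">Post-login destination stored on the session; kept only when local,
/// because CheckLoginStatus hands it back to the page.</param>
private ActionResult StartQrLoginSession(ObserverDbContext db, string returnUrl)
{
    string loginSessionId = Guid.NewGuid().ToString();
    string key = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
    Uri url = new Uri(Request.Url.Scheme + "://" + Request.Url.Host + ":" + Request.Url.Port + "/QRLogin?Id=" + loginSessionId + "&Key=" + key);
    string image = QRCodeServiceManager.GenerateLoginQRCode(url.ToString());

    string path = !String.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl) ? returnUrl : null;
    LoginSessionsModel loginSession = new LoginSessionsModel()
    {
        Id = loginSessionId,
        Status = 1,
        Key = key,
        Ip = Request.UserHostAddress,
        UserAgent = Request.UserAgent,
        DateCreation = DateTime.UtcNow,
        SessionDate = DateTime.UtcNow,
        Path = path
    };
    db.LoginSessions.Add(loginSession);
    db.SaveChanges();

    ViewBag.LoginSessionId = loginSessionId;
    ViewBag.Key = key;
    ViewBag.QRImage = image;
    WriteSessionCookies(null, null, DateTime.Now.AddYears(-10));
    return View("Login");
}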
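/// <summary>
/// Polled by the login page while a QR login is in progress. Reports the state of the QR session
/// <paramref name="SessionId"/>; once it reaches a signed-in state (3 or 5) the polling browser is
/// signed in, the session key is replaced and handed out in the "SessionId"/"SessionKey" cookies,
/// and the stored post-login path is returned.
/// </summary>
/// <param name="SessionId">Id of the QR login session being polled.</param>
/// <param name="SessionKey">Key the page received with that session; must equal the stored key.</param>
/// <returns>
/// JSON with a <c>Status</c> of "Invalid Session", "Expired", "Pending", "QRPending" (with
/// <c>SessionCode</c>) or "LoginReady" (with <c>Path</c>).
/// </returns>
public async Task<JsonResult> CheckLoginStatus(string SessionId, string SessionKey)
{
    // Disposed when the action finishes; the previous version leaked one context per call.
    using (ObserverDbContext _db = new ObserverDbContext())
    {
        LoginSessionsModel query = String.IsNullOrEmpty(SessionId)
            ? null
            : _db.LoginSessions.Where(e => e.Id == SessionId).FirstOrDefault();

        // Unknown id or a key that does not match. The previous version dereferenced the lookup
        // result without a null check, so an unknown id produced a server error.
        if (query == null || String.IsNullOrEmpty(SessionKey) || query.Key != SessionKey)
        {
            return Json(new { Status = "Invalid Session" });
        }

        if (query.SessionDate.AddMinutes(30) < DateTime.UtcNow)
        {
            query.Status = 6;
            _db.SaveChanges();
            return Json(new { Status = "Expired" });
        }

        // Responses are built as objects and serialized by Json(). The previous version spliced
        // Path and SessionCode into a JSON string by concatenation, which broke (or could be
        // reshaped by) any value containing a quote.
        switch (query.Status)
        {
            case 3:
            case 5:
            {
                ApplicationUser user = query.Users == null
                    ? null
                    : UserManager.Users.Where(e => e.Id == query.Users.Id).FirstOrDefault();
                if (user == null)
                {
                    return Json(new { Status = "Invalid Session" });
                }
                await SignInManager.SignInAsync(user, true, true);

                // The QR session becomes the browser's remembered session under a fresh key.
                string key = HashingAlgorithmServiceManager.GenerateSHA256(
                    Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()),
                    Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
                query.Key = key;
                _db.SaveChanges();

                // HttpOnly assumes no page script reads these cookies: the page polls with the
                // SessionId/SessionKey it received through ViewBag. Secure follows the request's
                // own transport, which is all this code can tell without proxy headers.
                DateTime expiry = DateTime.Now.AddMonths(2);
                HttpCookie idCookie = new HttpCookie("SessionId");
                idCookie.Value = query.Id;
                idCookie.Expires = expiry;
                idCookie.HttpOnly = true;
                idCookie.Secure = Request.IsSecureConnection;
                Response.SetCookie(idCookie);
                HttpCookie keyCookie = new HttpCookie("SessionKey");
                keyCookie.Value = key;
                keyCookie.Expires = expiry;
                keyCookie.HttpOnly = true;
                keyCookie.Secure = Request.IsSecureConnection;
                Response.SetCookie(keyCookie);

                return Json(new { Status = "LoginReady", Path = query.Path ?? String.Empty });
            }
            case 2:
                return Json(new { Status = "QRPending", SessionCode = query.SessionCode ?? String.Empty });
            case 1:
            case 4:
                return Json(new { Status = "Pending" });
            default:
                return Json(new { Status = "Expired" });
        }
    }
}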
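/// <summary>
/// Target of the QR code shown on the login page, opened on a device that is already signed in.
/// The device's remembered session (cookies) is validated and rotated as in Login; a device without
/// a usable session is sent to the login page. The pending QR session <paramref name="Id"/> is then
/// bound to the signed-in user, given a one-time proceed key and a three-digit confirmation code,
/// and the confirmation view is rendered.
/// </summary>
/// <param name="Id">Id of the QR login session embedded in the QR code.</param>
/// <param name="Key">Key embedded in the QR code; must equal the stored session key.</param>
/// <returns>The confirmation view, or a redirect when either session cannot be used.</returns>
public async Task<ActionResult> QRLogin(string Id, string Key)
{
    // Disposed when the action finishes; the previous version leaked one context per call.
    using (ObserverDbContext _db = new ObserverDbContext())
    {
        HttpCookie idCookie = Request.Cookies.Get("SessionId");
        HttpCookie keyCookie = Request.Cookies.Get("SessionKey");
        string sessionId = idCookie != null ? idCookie.Value : null;
        string sessionKey = keyCookie != null ? keyCookie.Value : null;

        LoginSessionsModel session = null;
        if (!String.IsNullOrEmpty(sessionId))
        {
            session = _db.LoginSessions.Where(e => e.Id == sessionId).FirstOrDefault();
        }

        // Same rule as Login minus the user-agent match: matching key, signed-in state (3 or 5,
        // which excludes the retired state 6) and a SessionDate under two months old. Null checks
        // replace the swallowed NullReferenceException of the previous version.
        bool resumable = session != null
            && session.Users != null
            && !String.IsNullOrEmpty(sessionKey)
            && session.Key == sessionKey
            && (session.Status == 3 || session.Status == 5)
            && session.SessionDate.AddMonths(2) > DateTime.UtcNow;
        ApplicationUser user = resumable ? UserManager.FindById(session.Users.Id) : null;
        if (user == null)
        {
            // The scanning device is not signed in. The previous version built this redirect but
            // did not return it, so it went on to bind the QR session to a null user.
            return RedirectToAction("Login", "Identity");
        }

        await SignInManager.SignInAsync(user, true, true);

        // Rotate the device session. Ip and UserAgent are recorded as Login does; without them the
        // rotated session fails Login's user-agent comparison on the device's next visit.
        string newId = Guid.NewGuid().ToString();
        string newKey = HashingAlgorithmServiceManager.GenerateSHA256(
            Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()),
            Encoding.ASCII.GetBytes(EncryptionAlgorithmServiceManager.GetRNGGuid().ToString()));
        LoginSessionsModel rotated = new LoginSessionsModel()
        {
            Id = newId,
            Key = newKey,
            Status = 3,
            Users = session.Users,
            Ip = Request.UserHostAddress,
            UserAgent = Request.UserAgent,
            DateCreation = DateTime.UtcNow,
            SessionDate = session.SessionDate
        };
        session.Status = 6;
        _db.LoginSessions.Add(rotated);
        _db.SaveChanges();

        // HttpOnly assumes no page script reads these cookies (the QR flow passes its values through
        // ViewBag). Secure follows the request's own transport, which is all this code can tell.
        DateTime cookieExpiry = DateTime.Now.AddMonths(2);
        HttpCookie newIdCookie = new HttpCookie("SessionId");
        newIdCookie.Value = newId;
        newIdCookie.Expires = cookieExpiry;
        newIdCookie.HttpOnly = true;
        newIdCookie.Secure = Request.IsSecureConnection;
        Response.SetCookie(newIdCookie);
        HttpCookie newKeyCookie = new HttpCookie("SessionKey");
        newKeyCookie.Value = newKey;
        newKeyCookie.Expires = cookieExpiry;
        newKeyCookie.HttpOnly = true;
        newKeyCookie.Secure = Request.IsSecureConnection;
        Response.SetCookie(newKeyCookie);

        // The QR session must exist and carry the key printed in the QR code. The previous version
        // accepted the Key parameter but never compared it, and dereferenced an unknown Id.
        // Status 12 is the code the previous version used for an expired QR session; it is reused
        // here for an unusable one.
        LoginSessionsModel loginSession = String.IsNullOrEmpty(Id)
            ? null
            : _db.LoginSessions.Where(e => e.Id == Id).FirstOrDefault();
        if (loginSession == null || String.IsNullOrEmpty(Key) || loginSession.Key != Key)
        {
            return RedirectToAction("Index", "Home", new { status = 12 });
        }
        if (loginSession.SessionDate.AddMinutes(30) < DateTime.UtcNow)
        {
            loginSession.Status = 6;
            _db.SaveChanges();
            return RedirectToAction("Index", "Home", new { status = 12 });
        }

        string proceedKey = EncryptionAlgorithmServiceManager.GetRNGGuid().ToString();
        string sessionCode = NewSessionCode();
        if (loginSession.Status == 1)
        {
            // First scan: bind the QR session to the signed-in user and store the proceed key and
            // confirmation code the confirmation step will be checked against.
            string userId = user.Id;
            loginSession.Status = 2;
            loginSession.Users = _db.Users.Where(e => e.Id == userId).FirstOrDefault();
            loginSession.QRKey = proceedKey;
            loginSession.SessionCode = sessionCode;
            loginSession.SessionDate = DateTime.UtcNow.AddSeconds(30);
            _db.SaveChanges();
        }
        // NOTE(review): when the session is already past status 1 the view shows a freshly
        // generated proceed key and code that were not stored; this matches the previous behaviour.
        ViewBag.SessionId = Id;
        ViewBag.ProceedKey = proceedKey;
        ViewBag.SessionCode = sessionCode;
        return View();
    }
}

/// <summary>
/// Returns a three-digit confirmation code in the range 100..998 (the range the previous
/// Random-based loop produced), drawn from the cryptographic RNG with rejection sampling so every
/// value is equally likely.
/// </summary>
private static string NewSessionCode()
{
    const int span = 899;                                   // 998 - 100 + 1
    const int limit = int.MaxValue - (int.MaxValue % span); // largest multiple of span that fits
    byte[] buffer = new byte[4];
    using (System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        int candidate;
        do
        {
            rng.GetBytes(buffer);
            candidate = BitConverter.ToInt32(buffer, 0) & int.MaxValue; // drop the sign bit
        }
        while (candidate >= limit); // reject the tail that would bias the modulo
        return (100 + candidate % span).ToString();
    }
}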