public RequireAuthenticationFilter( IApplicationRuntimeSettings applicationRuntimeSettings, IBaseUrlGenerator baseUrlGenerator, IAuthenticateServiceEndpoint authenticateServiceEndpoint, ISessionGetter sessionGetter, IAuthenticationSessionContants contants) { _applicationRuntimeSettings = applicationRuntimeSettings; _baseUrlGenerator = baseUrlGenerator; _authenticateServiceEndpoint = authenticateServiceEndpoint; _sessionGetter = sessionGetter; _contants = contants; }
public AuthenticateServiceEndpoint( IServiceEndpointBootstrapper <UsernamePassword, ServiceResponse> bootstrapper, IUserRepository userRepository, IFormDataReader formDataReader, IPostHttpMethod postHttpMethod, ISessionGetter sessionGetter, IAuthenticationSessionContants contants) { bootstrapper.Bootstrap(this, postHttpMethod, "authenticate", (HttpContext httpContext, List <string> messages, out UsernamePassword request) => { Dictionary <string, string> formData; if (formDataReader.ReadFormData(httpContext.HttpRequest.InputStream, messages, out formData) == false) { request = null; return(false); } request = new UsernamePassword { Username = formData["username"], Password = formData["password"] }; if (request.Username != null) { request.Username = request.Username.Trim(); } return(true); }, perform: (httpContext, request) => { ServiceResponse serviceResponse; var session = sessionGetter.GetSession(httpContext); if (session[contants.Authenticated] == true.ToString()) { serviceResponse = new ServiceResponse { Success = true, Messages = new List <string> { "Already authenticated" } }; } else if (userRepository.Authenticate(request.Username, request.Password)) { session[contants.Username] = request.Username; session[contants.Authenticated] = true.ToString(); serviceResponse = new ServiceResponse { Success = true, Messages = new List <string> { "Successfully authenticated" } }; } else { httpContext.HttpResponse.HttpStatusCode = HttpStatusCode.Forbidden; serviceResponse = new ServiceResponse { Success = false, Messages = new List <string> { "Invalid username or password" } }; } var returnUrl = session[contants.ReturnUrl]; if (serviceResponse.Success && returnUrl != null) { session.Remove(contants.ReturnUrl); httpContext.HttpResponse.HttpStatusCode = HttpStatusCode.Redirect; httpContext.HttpResponse.Headers.Add("Location:", returnUrl); } return(serviceResponse); }, validate: (request, messages) => { if (string.IsNullOrWhiteSpace(request.Username)) { messages.Add("No 'username' is set."); return(false); } return(true); }, requestFailureHandler: (httpContext, requestFailedAt, messages, request) => { httpContext.HttpResponse.HttpStatusCode = HttpStatusCode.Forbidden; var serviceResponse = new ServiceResponse { Success = false, Messages = new List <string>() }; serviceResponse.Messages.AddRange(messages); return(serviceResponse); }); }