示例#1
0
        IEnjoyUser IEnjoyAuthService.GetAuthenticatedUser()
        {
            if (_signedInUser != null || _isAuthenticated)
            {
                return(_signedInUser);
            }

            var httpContext = _httpContextAccessor.Current();

            if (httpContext.IsBackgroundContext() || !httpContext.Request.IsAuthenticated || !(httpContext.User.Identity is FormsIdentity))
            {
                return(null);
            }

            var formsIdentity = (FormsIdentity)httpContext.User.Identity;
            var userData      = formsIdentity.Ticket.UserData ?? "";

            // The cookie user data is {userName.Base64};{tenant}.
            var userDataSegments = userData.Split(';');

            if (userDataSegments.Length < 2)
            {
                return(null);
            }

            var userDataName   = userDataSegments[0];
            var userDataTenant = userDataSegments[1];

            try
            {
                userDataName = userDataName.FromBase64();
            }
            catch
            {
                return(null);
            }

            if (!String.Equals(userDataTenant, _tenantName, StringComparison.Ordinal))
            {
                return(null);
            }
            var record = QueryByMobileForSignin(userDataName);

            _signedInUser = object.Equals(record, null) ? null : new EnjoyUserModel(record);
            if (_signedInUser == null)////TODO:最好加入登出时间的验证,用于判断是否可以创建cookie.
            {
                //_isNonOrchardUser = true;
                return(null);
            }

            _isAuthenticated = true;
            return(_signedInUser);
        }
示例#2
0
        public void SignIn(IEnjoyUser user, bool createPersistentCookie)
        {
            var now = _clock.UtcNow.ToLocalTime();

            // The cookie user data is "{userName.Base64};{tenant}".
            // The username is encoded to Base64 to prevent collisions with the ';' seprarator.
            var userData = String.Concat(user.Mobile.ToBase64(), ";", _tenantName);

            var ticket = new FormsAuthenticationTicket(
                _cookieVersion,
                user.Mobile,
                now,
                now.Add(ExpirationTimeSpan),
                createPersistentCookie,
                userData,
                FormsAuthentication.FormsCookiePath);

            var encryptedTicket = FormsAuthentication.Encrypt(ticket);

            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
            {
                HttpOnly = true,
                Secure   = _sslSettingsProvider.GetRequiresSSL(),
                Path     = FormsAuthentication.FormsCookiePath
            };

            var httpContext = _httpContextAccessor.Current();

            if (!String.IsNullOrEmpty(_settings.RequestUrlPrefix))
            {
                cookie.Path = GetCookiePath(httpContext);
            }

            if (FormsAuthentication.CookieDomain != null)
            {
                cookie.Domain = FormsAuthentication.CookieDomain;
            }

            if (createPersistentCookie)
            {
                cookie.Expires = ticket.Expiration;
            }

            httpContext.Response.Cookies.Add(cookie);

            _isAuthenticated = true;
            _signedInUser    = user;
        }
示例#3
0
        public void SignOut()
        {
            _signedInUser    = null;
            _isAuthenticated = false;
            FormsAuthentication.SignOut();

            // overwritting the authentication cookie for the given tenant
            var httpContext  = _httpContextAccessor.Current();
            var rFormsCookie = new HttpCookie(FormsAuthentication.FormsCookieName, "")
            {
                Expires = DateTime.UtcNow.AddYears(-1),
            };

            if (!String.IsNullOrEmpty(_settings.RequestUrlPrefix))
            {
                rFormsCookie.Path = GetCookiePath(httpContext);
            }
            httpContext.Response.Cookies.Add(rFormsCookie);
        }
示例#4
0
 public void SetAuthenticatedUserForRequest(IEnjoyUser user)
 {
     _signedInUser    = user;
     _isAuthenticated = true;
     //_isNonOrchardUser = false;
 }