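/// <summary>
        /// If the request carries "Token" and "SessionId" cookies, puts a Bearer authorization header on
        /// <paramref name="client"/> and asks the API whether that session is still valid. On 401 it asks the
        /// API to re-login the session and, when that succeeds, replaces the authorization header and rewrites
        /// the user cookies on <paramref name="response"/> with the renewed data.
        /// </summary>
        /// <param name="client">HTTP client used for the API calls; its default Authorization header is (re)set here.</param>
        /// <param name="request">Incoming request; only the "Token" and "SessionId" cookies are read.</param>
        /// <param name="response">Outgoing response; receives the refreshed user cookies after a successful re-login.</param>
        /// <returns>
        /// <c>true</c> when <paramref name="client"/> ends up holding a token the API accepts; <c>false</c> when the
        /// cookies are missing, the session check returns anything other than 200/401, or the re-login fails or
        /// returns an unusable body.
        /// </returns>
        public static async Task<bool> PrepareClient(HttpClient client, HttpRequest request, HttpResponse response)
        {
            var token     = request.Cookies["Token"];
            var sessionId = request.Cookies["SessionId"];
            if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(sessionId))
            {
                return false;
            }

            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);

            // Cookie values are client-controlled: escape before embedding so a crafted value cannot add
            // or alter query parameters / path segments of the API URL.
            var escapedSessionId = Uri.EscapeDataString(sessionId);

            using (var checkResponse = await client.GetAsync($"{APIRoot.Url}/api/users/checkmysession/?sessionId={escapedSessionId}"))
            {
                if (checkResponse.StatusCode == HttpStatusCode.OK)
                {
                    return true;
                }
                if (checkResponse.StatusCode != HttpStatusCode.Unauthorized)
                {
                    // Any other status (server error, not found, ...) counts as "no usable session".
                    return false;
                }
            }

            // 401: the token is no longer accepted; ask the API to renew the session.
            using (var reLoginResponse = await client.PutAsync($"{APIRoot.Url}/api/users/relogin/{escapedSessionId}", null))
            {
                if (reLoginResponse.StatusCode != HttpStatusCode.OK)
                {
                    return false;
                }

                var loggedOnUser = JsonConvert.DeserializeObject<LoggedOnUserModel>(await reLoginResponse.Content.ReadAsStringAsync());
                if (loggedOnUser == null || loggedOnUser.User == null || string.IsNullOrEmpty(loggedOnUser.Token))
                {
                    // A 200 with an empty or unparsable body would otherwise throw a NullReferenceException below.
                    return false;
                }

                client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", loggedOnUser.Token);

                var cookieOption = new CookieOptions()
                {
                    // NOTE(review): no HttpOnly/Secure/SameSite is set (same as the login handlers). "Token" and
                    // "SessionId" are credentials; if client-side script does not need to read them, mark them
                    // HttpOnly (and Secure) so a script injection cannot exfiltrate them — confirm against the front end.
                    Expires = DateTimeOffset.UtcNow.AddDays(365),
                };

                response.Cookies.Append("UserId", loggedOnUser.User.Id.ToString(), cookieOption);
                response.Cookies.Append("SessionId", loggedOnUser.SessionId.ToString(), cookieOption);
                response.Cookies.Append("Token", loggedOnUser.Token, cookieOption);
                response.Cookies.Append("Username", loggedOnUser.User.Username, cookieOption);
                response.Cookies.Append("Name", $"{loggedOnUser.User.FirstName} {loggedOnUser.User.SureName}", cookieOption);

                // One "<item>-<operation>" entry per operation whose Status flag is set.
                var permissions = new List<string>();
                foreach (var securableItem in loggedOnUser.SecurableItem)
                {
                    foreach (var operation in securableItem.Operations)
                    {
                        if (operation.Status)
                        {
                            permissions.Add($"{securableItem.ShortName}-{operation.ShortName}");
                        }
                    }
                }
                response.Cookies.Append("Permissions", JsonConvert.SerializeObject(permissions.ToArray()), cookieOption);

                return true;
            }
        }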
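        /// <summary>
        /// Login handler: posts <c>LoginViewModel</c> to the API and, on success, stores the returned user,
        /// session, token and permission data in cookies before redirecting back to the current page.
        /// </summary>
        /// <returns>
        /// 400 when the model is invalid; a redirect to <c>/login</c> carrying the API's error text when the
        /// API does not answer 200 (or answers with an unusable body); otherwise a redirect to the current request path.
        /// </returns>
        public async Task<IActionResult> OnPostLoginAsync()
        {
            if (!ModelState.IsValid)
            {
                return BadRequest();
            }

            LoginViewModel.ClientAppName = "GanjooRazor";
            LoginViewModel.Language      = "fa-IR";

            // NOTE(review): a new HttpClient per request works but can exhaust sockets under load; a shared
            // instance or IHttpClientFactory is the usual fix (left as-is to keep the change inside this method).
            using (var client = new HttpClient())
            {
                var payload = new StringContent(JsonConvert.SerializeObject(LoginViewModel), Encoding.UTF8, "application/json");

                using (var response = await client.PostAsync($"{APIRoot.Url}/api/users/login", payload))
                {
                    var body = await response.Content.ReadAsStringAsync();

                    if (response.StatusCode != HttpStatusCode.OK)
                    {
                        return RedirectToLoginWithError(body);
                    }

                    var loggedOnUser = JsonConvert.DeserializeObject<LoggedOnUserModel>(body);
                    if (loggedOnUser == null || loggedOnUser.User == null)
                    {
                        // Guard against a 200 with an empty/unparsable body, which would otherwise throw below.
                        return RedirectToLoginWithError("Unexpected login response");
                    }

                    var cookieOption = new CookieOptions()
                    {
                        // NOTE(review): no HttpOnly/Secure/SameSite is set; "Token" and "SessionId" are credentials,
                        // so mark them HttpOnly (and Secure) unless client-side script must read them — confirm.
                        Expires = DateTimeOffset.UtcNow.AddDays(365),
                    };

                    Response.Cookies.Append("UserId", loggedOnUser.User.Id.ToString(), cookieOption);
                    Response.Cookies.Append("SessionId", loggedOnUser.SessionId.ToString(), cookieOption);
                    Response.Cookies.Append("Token", loggedOnUser.Token, cookieOption);
                    Response.Cookies.Append("Username", loggedOnUser.User.Username, cookieOption);
                    Response.Cookies.Append("Name", $"{loggedOnUser.User.FirstName} {loggedOnUser.User.SureName}", cookieOption);

                    // One "<item>-<operation>" entry per operation whose Status flag is set.
                    var permissions = new List<string>();
                    foreach (var securableItem in loggedOnUser.SecurableItem)
                    {
                        foreach (var operation in securableItem.Operations)
                        {
                            if (operation.Status)
                            {
                                permissions.Add($"{securableItem.ShortName}-{operation.ShortName}");
                            }
                        }
                    }
                    Response.Cookies.Append("Permissions", JsonConvert.SerializeObject(permissions.ToArray()), cookieOption);
                }
            }

            return Redirect(Request.Path);

            // Builds the "/login?redirect=...&error=..." redirect. Both values are escaped: the path comes from the
            // request and the error text from the API, and neither may inject extra query parameters.
            IActionResult RedirectToLoginWithError(string errorText)
            {
                string redirectTo = Uri.EscapeDataString(Request.Path);
                string error      = Uri.EscapeDataString(errorText ?? "");
                return Redirect($"/login?redirect={redirectTo}&error={error}");
            }
        }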
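        /// <summary>
        /// Handles the login page's POST. With an empty username it acts as a logout: if the current cookies
        /// still validate through <c>GanjoorSessionChecker.PrepareClient</c> the API session is deleted, and the
        /// user cookies are expired either way. Otherwise it logs in through the API and stores the returned
        /// user, session, token and permission data in cookies.
        /// </summary>
        /// <returns>
        /// The page itself after a logout, when the model is invalid, or when the API rejects the login
        /// (<c>LastError</c> holds the API's text); otherwise a redirect to the validated <c>RedirectUrl</c>.
        /// </returns>
        public async Task<IActionResult> OnPostAsync()
        {
            // The "redirect" query value is attacker-controllable, so only a path-relative target is honoured.
            // Anything else — absolute URLs and scheme-relative "//host" or "/\host" — falls back to "/",
            // which closes the open redirect that forwarding the raw value would create.
            string requestedRedirect = Request.Query["redirect"];
            bool isLocalRedirect = !string.IsNullOrEmpty(requestedRedirect)
                                && requestedRedirect[0] == '/'
                                && (requestedRedirect.Length == 1
                                    || (requestedRedirect[1] != '/' && requestedRedirect[1] != '\\'));
            RedirectUrl = isLocalRedirect ? requestedRedirect : "/";

            if (!ModelState.IsValid)
            {
                return Page();
            }

            LoginViewModel.ClientAppName = "GanjooRazor";
            LoginViewModel.Language      = "fa-IR";

            // NOTE(review): a new HttpClient per request can exhaust sockets under load; a shared instance or
            // IHttpClientFactory is the usual fix (left as-is to keep the change inside this method).
            using (var client = new HttpClient())
            {
                if (string.IsNullOrEmpty(LoginViewModel.Username))
                {
                    // Logout path.
                    if (await GanjoorSessionChecker.PrepareClient(client, Request, Response))
                    {
                        // Cookie values are client-controlled; escape them so they cannot alter the query string.
                        string userId    = Uri.EscapeDataString(Request.Cookies["UserId"] ?? "");
                        string sessionId = Uri.EscapeDataString(Request.Cookies["SessionId"] ?? "");
                        var logoutUrl    = $"{APIRoot.Url}/api/users/delsession?userId={userId}&sessionId={sessionId}";

                        // Best effort: the outcome is not checked because the cookies are cleared either way.
                        (await client.DeleteAsync(logoutUrl)).Dispose();
                    }

                    // Expire every user cookie that the request actually carried.
                    var expiredOption = new CookieOptions()
                    {
                        Expires = DateTimeOffset.UtcNow.AddDays(-1)
                    };
                    foreach (var cookieName in new[] { "UserId", "SessionId", "Token", "Username", "Name", "Permissions" })
                    {
                        if (Request.Cookies[cookieName] != null)
                        {
                            Response.Cookies.Append(cookieName, "", expiredOption);
                        }
                    }

                    return Page();
                }

                // Login path.
                var payload = new StringContent(JsonConvert.SerializeObject(LoginViewModel), Encoding.UTF8, "application/json");

                using (var response = await client.PostAsync($"{APIRoot.Url}/api/users/login", payload))
                {
                    var body = await response.Content.ReadAsStringAsync();

                    if (response.StatusCode != HttpStatusCode.OK)
                    {
                        LastError = body;
                        return Page();
                    }

                    var loggedOnUser = JsonConvert.DeserializeObject<LoggedOnUserModel>(body);
                    if (loggedOnUser == null || loggedOnUser.User == null)
                    {
                        // Guard against a 200 with an empty/unparsable body, which would otherwise throw below.
                        LastError = "Unexpected login response";
                        return Page();
                    }

                    var cookieOption = new CookieOptions()
                    {
                        // NOTE(review): no HttpOnly/Secure/SameSite is set; "Token" and "SessionId" are credentials,
                        // so mark them HttpOnly (and Secure) unless client-side script must read them — confirm.
                        Expires = DateTimeOffset.UtcNow.AddDays(365),
                    };

                    Response.Cookies.Append("UserId", loggedOnUser.User.Id.ToString(), cookieOption);
                    Response.Cookies.Append("SessionId", loggedOnUser.SessionId.ToString(), cookieOption);
                    Response.Cookies.Append("Token", loggedOnUser.Token, cookieOption);
                    Response.Cookies.Append("Username", loggedOnUser.User.Username, cookieOption);
                    Response.Cookies.Append("Name", $"{loggedOnUser.User.FirstName} {loggedOnUser.User.SureName}", cookieOption);

                    // One "<item>-<operation>" entry per operation whose Status flag is set.
                    var permissions = new List<string>();
                    foreach (var securableItem in loggedOnUser.SecurableItem)
                    {
                        foreach (var operation in securableItem.Operations)
                        {
                            if (operation.Status)
                            {
                                permissions.Add($"{securableItem.ShortName}-{operation.ShortName}");
                            }
                        }
                    }
                    Response.Cookies.Append("Permissions", JsonConvert.SerializeObject(permissions.ToArray()), cookieOption);
                }
            }

            LastError = "Success!";

            return Redirect(RedirectUrl);
        }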