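/// <summary>
/// If the caller's auth cookies are present, attaches the bearer token to <paramref name="client"/>,
/// verifies the session against the API and, when the API answers 401, tries to renew it through the
/// relogin endpoint and rewrites the auth cookies on <paramref name="response"/>.
/// </summary>
/// <param name="client">HTTP client whose default Authorization header is set (and replaced after a renewal).</param>
/// <param name="request">Incoming request; the "Token" and "SessionId" cookies are read from it.</param>
/// <param name="response">Outgoing response; receives refreshed cookies only when a renewal succeeded.</param>
/// <returns>
/// true when the session is valid or was renewed; false when the cookies are missing, the session check
/// returned anything other than 200/401, the renewal failed, or the renewal body was unusable.
/// </returns>
public static async Task<bool> PrepareClient(HttpClient client, HttpRequest request, HttpResponse response)
{
    string token = request.Cookies["Token"];
    string sessionId = request.Cookies["SessionId"];
    if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(sessionId))
    {
        return false;
    }

    client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);

    // Cookie values are attacker-controlled: encode before splicing into the URL so a crafted
    // SessionId cannot add path segments or query parameters to the API calls below.
    string escapedSessionId = Uri.EscapeDataString(sessionId);

    HttpStatusCode checkStatus;
    using (var checkResponse = await client.GetAsync($"{APIRoot.Url}/api/users/checkmysession/?sessionId={escapedSessionId}"))
    {
        checkStatus = checkResponse.StatusCode;
    }

    if (checkStatus == HttpStatusCode.OK)
    {
        return true;
    }
    if (checkStatus != HttpStatusCode.Unauthorized)
    {
        // Any other status (5xx, 404, ...) is treated as "not logged in" rather than retried.
        return false;
    }

    // 401: the token is no longer accepted but the session itself may still be renewable.
    string reLoginUrl = $"{APIRoot.Url}/api/users/relogin/{escapedSessionId}";
    using (var reLoginResponse = await client.PutAsync(reLoginUrl, null))
    {
        if (reLoginResponse.StatusCode != HttpStatusCode.OK)
        {
            return false;
        }

        LoggedOnUserModel loggedOnUser = JsonConvert.DeserializeObject<LoggedOnUserModel>(await reLoginResponse.Content.ReadAsStringAsync());
        if (loggedOnUser == null || loggedOnUser.User == null || string.IsNullOrEmpty(loggedOnUser.Token))
        {
            // A 200 with an empty/unexpected body must not crash the caller with a null dereference.
            return false;
        }

        client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", loggedOnUser.Token);
        AppendAuthCookies(response, request.IsHttps, loggedOnUser);
        return true;
    }
}

/// <summary>
/// Writes the UserId/SessionId/Token/Username/Name/Permissions cookies for a freshly (re)logged-in user.
/// </summary>
/// <param name="response">Response the cookies are appended to.</param>
/// <param name="isHttps">Whether the current request arrived over TLS; drives the Secure flag so local HTTP dev still works.</param>
/// <param name="loggedOnUser">Login payload returned by the API; User and Token are expected to be non-null.</param>
private static void AppendAuthCookies(HttpResponse response, bool isHttps, LoggedOnUserModel loggedOnUser)
{
    var cookieOption = new CookieOptions()
    {
        Expires = DateTimeOffset.UtcNow.AddDays(365),
        Secure = isHttps,
        SameSite = SameSiteMode.Lax,
    };

    // The bearer token is the API credential: keep it out of reach of page script so an XSS
    // cannot exfiltrate it. NOTE(review): if client-side script must read the raw token, drop
    // HttpOnly here and revisit the threat model instead of silently weakening this.
    var tokenOption = new CookieOptions()
    {
        Expires = cookieOption.Expires,
        Secure = cookieOption.Secure,
        SameSite = cookieOption.SameSite,
        HttpOnly = true,
    };

    response.Cookies.Append("UserId", loggedOnUser.User.Id.ToString(), cookieOption);
    response.Cookies.Append("SessionId", loggedOnUser.SessionId.ToString(), cookieOption);
    response.Cookies.Append("Token", loggedOnUser.Token, tokenOption);
    response.Cookies.Append("Username", loggedOnUser.User.Username, cookieOption);
    response.Cookies.Append("Name", $"{loggedOnUser.User.FirstName} {loggedOnUser.User.SureName}", cookieOption);

    // Flattened "<item>-<operation>" names for every enabled operation.
    List<string> permissions = new List<string>();
    if (loggedOnUser.SecurableItem != null)
    {
        foreach (var securableItem in loggedOnUser.SecurableItem)
        {
            if (securableItem.Operations == null)
            {
                continue;
            }
            foreach (var operation in securableItem.Operations)
            {
                if (operation.Status)
                {
                    permissions.Add($"{securableItem.ShortName}-{operation.ShortName}");
                }
            }
        }
    }
    // This cookie is client-writable, so it can only ever be a UI hint; authorization decisions
    // must be enforced by the API. NOTE(review): confirm nothing server-side trusts it.
    response.Cookies.Append("Permissions", JsonConvert.SerializeObject(permissions.ToArray()), cookieOption);
}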
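/// <summary>
/// Handles the inline login form: posts the bound <c>LoginViewModel</c> to the API, stores the
/// returned session in cookies and reloads the current page.
/// </summary>
/// <returns>
/// 400 when the model is invalid; a redirect to <c>/login</c> carrying the API's error text when the
/// login is rejected or the response body is unusable; otherwise a redirect back to the current path.
/// </returns>
public async Task<IActionResult> OnPostLoginAsync()
{
    if (!ModelState.IsValid)
    {
        return BadRequest();
    }
    LoginViewModel.ClientAppName = "GanjooRazor";
    LoginViewModel.Language = "fa-IR";

    // Both pieces are untrusted text headed into a URL: encode them so a crafted path or an API
    // error body cannot inject extra query parameters into the login link.
    string escapedReturnPath = Uri.EscapeDataString(Request.Path.ToString());

    // NOTE(review): a per-request HttpClient is kept to avoid changing this page's constructor;
    // IHttpClientFactory would avoid socket exhaustion under load.
    using (HttpClient client = new HttpClient())
    {
        var stringContent = new StringContent(JsonConvert.SerializeObject(LoginViewModel), Encoding.UTF8, "application/json");
        var loginUrl = $"{APIRoot.Url}/api/users/login";
        using (var response = await client.PostAsync(loginUrl, stringContent))
        {
            string body = await response.Content.ReadAsStringAsync();
            if (response.StatusCode != HttpStatusCode.OK)
            {
                return Redirect($"/login?redirect={escapedReturnPath}&error={Uri.EscapeDataString(body)}");
            }

            LoggedOnUserModel loggedOnUser = JsonConvert.DeserializeObject<LoggedOnUserModel>(body);
            if (loggedOnUser == null || loggedOnUser.User == null || string.IsNullOrEmpty(loggedOnUser.Token))
            {
                // A 200 with an empty/unexpected body must not crash with a null dereference.
                return Redirect($"/login?redirect={escapedReturnPath}&error={Uri.EscapeDataString("Unexpected login response.")}");
            }

            var cookieOption = new CookieOptions()
            {
                Expires = DateTimeOffset.UtcNow.AddDays(365),
                Secure = Request.IsHttps,
                SameSite = SameSiteMode.Lax,
            };
            // The bearer token is the API credential: keep it out of reach of page script so an XSS
            // cannot exfiltrate it. NOTE(review): drop HttpOnly only if client-side script genuinely
            // needs the raw token.
            var tokenOption = new CookieOptions()
            {
                Expires = cookieOption.Expires,
                Secure = cookieOption.Secure,
                SameSite = cookieOption.SameSite,
                HttpOnly = true,
            };

            Response.Cookies.Append("UserId", loggedOnUser.User.Id.ToString(), cookieOption);
            Response.Cookies.Append("SessionId", loggedOnUser.SessionId.ToString(), cookieOption);
            Response.Cookies.Append("Token", loggedOnUser.Token, tokenOption);
            Response.Cookies.Append("Username", loggedOnUser.User.Username, cookieOption);
            Response.Cookies.Append("Name", $"{loggedOnUser.User.FirstName} {loggedOnUser.User.SureName}", cookieOption);

            // Flattened "<item>-<operation>" names for every enabled operation.
            List<string> permissions = new List<string>();
            if (loggedOnUser.SecurableItem != null)
            {
                foreach (var securableItem in loggedOnUser.SecurableItem)
                {
                    if (securableItem.Operations == null)
                    {
                        continue;
                    }
                    foreach (var operation in securableItem.Operations)
                    {
                        if (operation.Status)
                        {
                            permissions.Add($"{securableItem.ShortName}-{operation.ShortName}");
                        }
                    }
                }
            }
            // Client-writable: a UI hint only, never an authorization source on the server.
            Response.Cookies.Append("Permissions", JsonConvert.SerializeObject(permissions.ToArray()), cookieOption);
        }
    }
    return Redirect(Request.Path);
}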
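/// <summary>
/// Login page POST handler. With an empty username it acts as logout: the API session is deleted
/// (when the current cookies still validate) and the auth cookies are cleared. Otherwise it logs the
/// user in, writes the auth cookies and redirects to the local <c>redirect</c> query target.
/// </summary>
/// <returns>
/// The page itself after logout, on an invalid model, or when the API rejects the credentials
/// (with <c>LastError</c> set); otherwise a redirect to <c>RedirectUrl</c>.
/// </returns>
public async Task<IActionResult> OnPostAsync()
{
    RedirectUrl = Request.Query["redirect"];
    // Only follow local paths: an absolute URL here would turn the login form into an open redirect.
    if (string.IsNullOrEmpty(RedirectUrl) || !Url.IsLocalUrl(RedirectUrl))
    {
        RedirectUrl = "/";
    }
    if (!ModelState.IsValid)
    {
        return Page();
    }
    LoginViewModel.ClientAppName = "GanjooRazor";
    LoginViewModel.Language = "fa-IR";

    // NOTE(review): a per-request HttpClient is kept to avoid changing this page's constructor;
    // IHttpClientFactory would avoid socket exhaustion under load.
    using (HttpClient client = new HttpClient())
    {
        if (string.IsNullOrEmpty(LoginViewModel.Username))
        {
            // Logout. Best effort on the API side: a failed delete still clears the local cookies.
            if (await GanjoorSessionChecker.PrepareClient(client, Request, Response))
            {
                // Cookie values are attacker-controlled; encode before splicing into the query string.
                string userId = Uri.EscapeDataString(Request.Cookies["UserId"] ?? string.Empty);
                string sessionId = Uri.EscapeDataString(Request.Cookies["SessionId"] ?? string.Empty);
                var logoutUrl = $"{APIRoot.Url}/api/users/delsession?userId={userId}&sessionId={sessionId}";
                using (await client.DeleteAsync(logoutUrl))
                {
                }
            }
            foreach (var cookieName in new string[] { "UserId", "SessionId", "Token", "Username", "Name", "Permissions" })
            {
                if (Request.Cookies[cookieName] != null)
                {
                    Response.Cookies.Delete(cookieName);
                }
            }
            return Page();
        }

        var stringContent = new StringContent(JsonConvert.SerializeObject(LoginViewModel), Encoding.UTF8, "application/json");
        var loginUrl = $"{APIRoot.Url}/api/users/login";
        using (var response = await client.PostAsync(loginUrl, stringContent))
        {
            string body = await response.Content.ReadAsStringAsync();
            if (response.StatusCode != HttpStatusCode.OK)
            {
                LastError = body;
                return Page();
            }

            LoggedOnUserModel loggedOnUser = JsonConvert.DeserializeObject<LoggedOnUserModel>(body);
            if (loggedOnUser == null || loggedOnUser.User == null || string.IsNullOrEmpty(loggedOnUser.Token))
            {
                // A 200 with an empty/unexpected body must not crash with a null dereference.
                LastError = "Unexpected login response.";
                return Page();
            }

            var cookieOption = new CookieOptions()
            {
                Expires = DateTimeOffset.UtcNow.AddDays(365),
                Secure = Request.IsHttps,
                SameSite = SameSiteMode.Lax,
            };
            // The bearer token is the API credential: keep it out of reach of page script so an XSS
            // cannot exfiltrate it. NOTE(review): drop HttpOnly only if client-side script genuinely
            // needs the raw token.
            var tokenOption = new CookieOptions()
            {
                Expires = cookieOption.Expires,
                Secure = cookieOption.Secure,
                SameSite = cookieOption.SameSite,
                HttpOnly = true,
            };

            Response.Cookies.Append("UserId", loggedOnUser.User.Id.ToString(), cookieOption);
            Response.Cookies.Append("SessionId", loggedOnUser.SessionId.ToString(), cookieOption);
            Response.Cookies.Append("Token", loggedOnUser.Token, tokenOption);
            Response.Cookies.Append("Username", loggedOnUser.User.Username, cookieOption);
            Response.Cookies.Append("Name", $"{loggedOnUser.User.FirstName} {loggedOnUser.User.SureName}", cookieOption);

            // Flattened "<item>-<operation>" names for every enabled operation.
            List<string> permissions = new List<string>();
            if (loggedOnUser.SecurableItem != null)
            {
                foreach (var securableItem in loggedOnUser.SecurableItem)
                {
                    if (securableItem.Operations == null)
                    {
                        continue;
                    }
                    foreach (var operation in securableItem.Operations)
                    {
                        if (operation.Status)
                        {
                            permissions.Add($"{securableItem.ShortName}-{operation.ShortName}");
                        }
                    }
                }
            }
            // Client-writable: a UI hint only, never an authorization source on the server.
            Response.Cookies.Append("Permissions", JsonConvert.SerializeObject(permissions.ToArray()), cookieOption);
        }
    }
    LastError = "Success!";
    return Redirect(RedirectUrl);
}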