示例#1
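        /// <summary>
        /// Attempts to sign the caller in from the login cookie named <c>CookieName</c> and, on success,
        /// re-issues that cookie with the ticket text handed back by <c>UserTicketLogic.UpdateTicket</c>.
        /// </summary>
        /// <param name="ac">Action context whose request carries the cookie and whose response receives the refreshed one.</param>
        /// <returns>
        /// <c>true</c> when the ticket was accepted and the user session was added; <c>false</c> when the cookie is
        /// missing or empty, or when any step throws (the cookie is then removed via <c>RemoveCookie</c>).
        /// </returns>
        public static bool LoginFromCookie(ActionContext ac)
        {
            using (AuthLogic.Disable())
            {
                try
                {
                    var httpContext = ac.HttpContext;

                    bool hasCookie = httpContext.Request.Cookies.TryGetValue(CookieName, out string ticketText);
                    if (!hasCookie || !ticketText.HasText())
                    {
                        return false;   // there is no cookie
                    }

                    // A missing connection feature or a null remote address throws here and is handled
                    // by the catch below as a failed login.
                    var httpConnection = httpContext.Features.Get<IHttpConnectionFeature>();
                    string remoteAddress = httpConnection.RemoteIpAddress.ToString();

                    // ticketText is passed by ref: the value written back to the cookie is whatever
                    // UpdateTicket leaves in it.
                    UserEntity user = UserTicketLogic.UpdateTicket(remoteAddress, ref ticketText);

                    AuthServer.OnUserPreLogin(ac, user);

                    httpContext.Response.Cookies.Append(CookieName, ticketText, new CookieOptions
                    {
                        // NOTE(review): Domain is copied from the request Host header, which the client supplies.
                        // Confirm allowed-host filtering is enforced upstream; setting Domain also makes the
                        // cookie visible to subdomains, whereas omitting it yields a host-only cookie.
                        Domain   = httpContext.Request.Host.Host.ToString(),
                        Path     = new UrlHelper(ac).Content("~/"),
                        Expires  = DateTime.UtcNow.Add(UserTicketLogic.ExpirationInterval),
                        // The ticket is a bearer credential: keep it out of reach of page script.
                        HttpOnly = true,
                        // Mark the cookie Secure whenever the current request arrived over HTTPS, so the
                        // browser does not replay the ticket over plain HTTP.
                        Secure   = httpContext.Request.IsHttps,
                    });

                    AuthServer.AddUserSession(ac, user);
                    return true;
                }
                catch
                {
                    // Any exception thrown above is treated as a failed login and the cookie is dropped.
                    // NOTE(review): the exception is discarded without logging; recording rejected tickets
                    // (with the remote address) would help detect replayed or forged cookies.
                    RemoveCookie(ac);

                    return false;
                }
            }
        }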
示例#2
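        /// <summary>
        /// Attempts to sign the caller in from the login cookie named <c>CookieName</c> on the current
        /// <c>System.Web</c> request and, on success, re-issues that cookie with the ticket text handed
        /// back by <c>UserTicketLogic.UpdateTicket</c>.
        /// </summary>
        /// <returns>
        /// <c>true</c> when the ticket was accepted and the user session was added; <c>false</c> when there is
        /// no current HTTP context, the cookie is missing or empty, or any step throws (the cookie is then
        /// expired on the response).
        /// </returns>
        public static bool LoginFromCookie()
        {
            using (AuthLogic.Disable())
            {
                var context = System.Web.HttpContext.Current;
                if (context == null)
                {
                    // Without a current request there is no cookie to read, and the cleanup path below
                    // would itself fail on the missing context.
                    return false;
                }

                try
                {
                    var authCookie = context.Request.Cookies[CookieName];
                    if (authCookie == null || !authCookie.Value.HasText())
                    {
                        return false;   // there is no cookie
                    }
                    string ticketText = authCookie.Value;

                    // ticketText is passed by ref: the value written back to the cookie is whatever
                    // UpdateTicket leaves in it.
                    UserEntity user = UserTicketLogic.UpdateTicket(
                        context.Request.UserHostAddress,
                        ref ticketText);

                    AuthServer.OnUserPreLogin(null, user);

                    context.Response.Cookies.Add(new HttpCookie(CookieName, ticketText)
                    {
                        Expires  = DateTime.UtcNow.Add(UserTicketLogic.ExpirationInterval),
                        HttpOnly = true,
                        // Mark the cookie Secure whenever the current request arrived over HTTPS, so the
                        // browser does not replay the ticket over plain HTTP.
                        Secure   = context.Request.IsSecureConnection,
                        // NOTE(review): Domain is derived from the request URL host, which follows the
                        // client-supplied Host header; confirm host bindings restrict it. Setting Domain
                        // also makes the cookie visible to subdomains.
                        Domain   = context.Request.Url.Host
                    });

                    AuthServer.AddUserSession(user);
                    return true;
                }
                catch
                {
                    // Any exception thrown above is treated as a failed login; expire the cookie so the
                    // browser stops presenting the rejected ticket.
                    // NOTE(review): the exception is discarded without logging; recording rejected tickets
                    // (with the remote address) would help detect replayed or forged cookies.
                    HttpCookie expired = new HttpCookie(CookieName)
                    {
                        Expires  = DateTime.UtcNow.AddDays(-10), // or any other time in the past
                        HttpOnly = true,
                        Secure   = context.Request.IsSecureConnection,
                        Domain   = context.Request.Url.Host
                    };
                    context.Response.Cookies.Set(expired);

                    return false;
                }
            }
        }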