public string RequestLoginApproval() { var las = new LoginApprovalSession { RequesterIpAddress = this.httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(), RequesterUserAgent = this.httpContextAccessor.HttpContext.Request.Headers?["User-Agent"], Expiration = DateTime.Now.Add(this.options.Timeout) }; return(this.sessionStore.Create(las)); }
/// <summary> /// Saves the specified session to store. /// </summary> /// <param name="las">The session to be stored.</param> /// <exception cref="ArgumentNullException">las</exception> /// <exception cref="ArgumentException">Duplicate session ID</exception> protected override void Save(LoginApprovalSession las) { if (las == null) { throw new ArgumentNullException(nameof(las)); } lock (this.saveLock) { if (this.Find(las.SessionId) != null) { throw new ArgumentException("Duplicate session ID"); } this.store.Add(las); } }
private const int SESSION_ID_LENGTH = 32; // 32 bytes = 256 bits /// <summary>Creates the specified session.</summary> /// <param name="las">The session.</param> /// <returns>ID of newly created session</returns> /// <exception cref="ArgumentNullException">session</exception> public virtual string Create(LoginApprovalSession las) { if (las == null) { throw new ArgumentNullException(nameof(las)); } // Create new session ID var lasidRaw = new byte[SESSION_ID_LENGTH]; var rng = System.Security.Cryptography.RandomNumberGenerator.Create(); rng.GetBytes(lasidRaw); las.SessionId = string.Join(string.Empty, lasidRaw.Select(x => x.ToString("X2"))); // Save to store this.Save(las); // Return generated session ID return(las.SessionId); }
/// <summary> /// Saves the specified session to store. /// </summary> /// <param name="las">The session to be stored.</param> protected abstract void Save(LoginApprovalSession las);