/// <summary>
/// Store the user's roles in a cookie to cut down on database calls
/// </summary>
/// <param name="userid">The user id</param>
/// <param name="roles">list of roles delimited by |</param>
private void CreateRoleCookie(string userid, string roles)
{
HttpCookie rolecookie = new HttpCookie(RoleCookieName);
rolecookie.Values["roles"] = PortalUtility.Encrypt(userid, roles);
rolecookie.Values["userid"] = userid;
rolecookie.Values["created"] = DateTime.Now.ToString();
HttpContext.Current.Response.Cookies.Add(rolecookie);
}
public static string GetSiteSetting(string _settingcode)
{
string returnval = String.Empty;
using (MySqlConnection conn = new MySqlConnection(PortalUtility.GetConnectionString("default")))
{
conn.Open();
returnval = GetSiteSetting(_settingcode, conn);
conn.Close();
}
return(returnval);
}
public static string SendEmail(string _subject, string _body, string _mailto, string _mailfrom, string _fromdisplayname)
{
string error = String.Empty;
string smtpuser = String.Empty;
string smtppass = String.Empty;
try
{
using (MySqlConnection conn = new MySqlConnection(PortalUtility.GetConnectionString("default")))
{
conn.Open();
smtpuser = GetSiteSetting("ContactUsername", conn);
smtppass = GetSiteSetting("ContactPassword", conn);
if (String.IsNullOrEmpty(_mailfrom))
{
_mailfrom = GetSiteSetting("ContactFrom", conn);
}
if (String.IsNullOrEmpty(_mailto))
{
_mailto = GetSiteSetting("ContactTo", conn);
}
conn.Close();
}
MailMessage mailmsg = new MailMessage();
mailmsg.To.Add(_mailto);
mailmsg.Subject = _subject;
mailmsg.Body = _body;
mailmsg.From = new MailAddress(_mailfrom, _fromdisplayname);
if (HttpContext.Current.Request.ServerVariables["SERVER_NAME"] == "localhost")
{
return(String.Empty);
//mailmsg.To.Clear();
//mailmsg.To.Add("alternate email to");
}
SmtpClient client = new SmtpClient();
client.Credentials = new System.Net.NetworkCredential(smtpuser, smtppass);
client.Send(mailmsg);
}
catch (Exception ex)
{
error = ex.Message;
}
return(error);
}
/// <summary>
/// Get the user's role from the database
/// </summary>
/// <param name="userid">User id to look up</param>
/// <returns>string of roles delimited by |</returns>
/// <remarks>This method is only called if the roles are not found in a cookie</remarks>
private string GetUserRoles(string userid)
{
string rolelist = string.Empty;
//build a delimited string of the roles
using (MySqlConnection conn = new MySqlConnection(PortalUtility.GetConnectionString("default")))
{
conn.Open();
MySqlCommand cmd = new MySqlCommand("Security_Select_UserRoles", conn);
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@pUsername", userid);
using (MySqlDataReader dr = cmd.ExecuteReader())
{
while (dr.Read())
{
rolelist += dr["RoleName"].ToString() + "|";
}
}
conn.Close();
}
rolelist = rolelist.TrimEnd('|');
return(rolelist);
}
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
// Extract the forms authentication cookie
string cookieName = FormsAuthentication.FormsCookieName;
HttpCookie authCookie = Context.Request.Cookies[cookieName];
if (null == authCookie)
{
// There is no authentication cookie.
return;
}
//Extract and ecrypt authentication ticket
FormsAuthenticationTicket authTicket = null;
try
{
authTicket = FormsAuthentication.Decrypt(authCookie.Value);
}
catch
{
// Log exception details (omitted for simplicity)
return;
}
if (null == authTicket)
{
// Cookie failed to decrypt.
return;
}
// Create an Identity object
GenericIdentity id = new GenericIdentity(authTicket.Name, "LdapAuthentication");
string rolestring = string.Empty;
string[] roles;
//Get the users roles
if (RoleCookieIsValid(id.Name))
{
//get roles from the cookie
HttpCookie rolecookie = HttpContext.Current.Request.Cookies[RoleCookieName];
rolestring = PortalUtility.Decrypt(rolecookie.Values["userid"], rolecookie.Values["roles"]);
}
//Either the cookie doesn't exist, or the user has no roles so we check again
//This is done so new users won't have to restart their browser windows (user has no roles, gets access, refreshes the page and now they have access)
if (string.IsNullOrEmpty(rolestring))
{
rolestring = GetUserRoles(id.Name);
CreateRoleCookie(id.Name, rolestring);
}
//Get the users security rights for the site
roles = rolestring.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);
//This principal will flow throughout the request.
GenericPrincipal principal = new GenericPrincipal(id, roles);
// Attach the new principal object to the current HttpContext object
Context.User = principal;
//For some reason User.IsInRole quit working, manually setting Claims with the security roles seems to fix it
foreach (string role in roles)
{
((ClaimsIdentity)User.Identity).AddClaim(new Claim(ClaimTypes.Role, role));
}
}
