public BaseController() { DBContext = new JolTudomEEntities(); CustomIdentity id = User.Identity as CustomIdentity; if (id != null) { SM = new SessionManager(id.Token); } }
private LoginResponse ValidateToken(string token) { try { SessionManager sm = new SessionManager(token); _Token = token; _UserName = sm.Session.Person.UserName; return new LoginResponse { PersonID = sm.Session.PersonID, RoleID = sm.Session.RoleID }; } catch (SessionNotAvailable) { throw; } }
public static SessionManager NewSession(int personid, int roleid) { // generate a token // this could be more secure ... byte[] time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary()); byte[] key = Guid.NewGuid().ToByteArray(); string token = Convert.ToBase64String(time.Concat(key).ToArray()); using (JolTudomEEntities ent = new JolTudomEEntities()) { // delete those sessions, which are dead - over of the given timeout ent.usp_SessionsCleanup(JolTudomE_Api.Properties.Settings.Default.SessionTimeoutMinute); // delete those tests, which are not completed ent.usp_CleanupTests(JolTudomE_Api.Properties.Settings.Default.MaxTestExecutionHour); // this must be saved to the database with the timestamp ent.Sessions.Add(new Sessions { Token = token, PersonID = personid, RoleID = roleid, LastAction = DateTime.UtcNow }); ent.SaveChanges(); } SessionManager sm = new SessionManager(token); return sm; }