/// <summary>
/// Prepares the document store at start-up: registers the indexes declared in the executing
/// assembly and seeds an administrator account when the store holds no admin user.
/// </summary>
public static void Bootstrap()
{
    var documentStore = ObjectFactory.GetInstance<IDocumentStore>();

    // Create any indexes from this assembly that the store does not have yet.
    IndexCreation.CreateIndexes(Assembly.GetExecutingAssembly(), documentStore);

    using (var session = documentStore.OpenSession())
    {
        // Nothing to seed once at least one admin account exists.
        var adminExists = session.Query<User>().Any(u => u.IsAdmin);
        if (adminExists)
        {
            return;
        }

        // NOTE(review): the seed account's username, password and e-mail are literals compiled
        // into the assembly (masked in this listing). Anyone with the source or binary knows the
        // first admin login until it is changed; consider reading them from deployment
        // configuration and forcing a password change on first login.
        // NOTE(review): ToSHAHash() is defined elsewhere; the name suggests a plain SHA digest.
        // Confirm whether it is salted/iterated. A password KDF such as PBKDF2 is the usual choice.
        var seededAdmin = new User
        {
            Username = "******",
            Password = "******".ToSHAHash(),
            IsAdmin = true,
            LastActivity = DateTime.UtcNow,
            Email = "*****@*****.**"
        };

        session.Store(seededAdmin);
        session.SaveChanges();
    }
}
/// <summary>
/// Per-test setup: creates an admin test user, a mocked <c>SiteSettingsService</c> and a
/// <c>HomeController</c> wired to them, then attaches the user to the controller context.
/// </summary>
public override void Setup()
{
    base.Setup();

    // The controller under test runs as an administrator.
    User = Generator.SetupUser(testUser =>
    {
        testUser.Username = "******";
        testUser.IsAdmin = true;
    });

    SiteSettingsServiceMock = new Mock<SiteSettingsService>(Db, Cache);

    Controller = new HomeController(
        Db,
        Metrics,
        Cache,
        SiteSettingsServiceMock.Object);

    ControllerUtilities.SetupControllerContext(Controller, User);
}
/// <summary>
/// Fixture-level setup: builds a user with a random username and e-mail, stores it through a
/// session opened on <c>Store</c>, and keeps it in <c>User</c> for the tests.
/// </summary>
public override void SetupFixture()
{
    base.SetupFixture();

    using (var session = Store.OpenSession())
    {
        // Id is cleared before storing; presumably so the store assigns one (confirm).
        var userBuilder = Builder<User>.CreateNew()
            .With(u => u.Id = null)
            .With(u => u.Username = GetRandom.String(20))
            .With(u => u.Email = GetRandom.Email())
            .With(u => u.Password = "******".ToSHAHash());

        User = userBuilder.Build();

        session.Store(User);
        session.SaveChanges();
    }
}
/// <summary>
/// Creates a password-retrieval record for <paramref name="user"/> that carries the given token.
/// </summary>
/// <param name="user">User the retrieval belongs to; handled by the single-argument constructor.</param>
/// <param name="token">Token stored in <c>Token</c> as supplied by the caller.</param>
/// <remarks>
/// NOTE(review): the token is not generated or validated here. Because it presumably acts as a
/// reset credential, confirm that callers create it from a cryptographically secure source and
/// that it expires and is single-use. GUIDs are specified for uniqueness, not unpredictability.
/// </remarks>
public PasswordRetrieval(User user, Guid token)
    : this(user)
{
    this.Token = token;
}
/// <summary>
/// Creates a password-retrieval record bound to the id of <paramref name="user"/>.
/// </summary>
/// <param name="user">User whose <c>Id</c> is copied into <c>UserId</c>; dereferenced without a null check.</param>
public PasswordRetrieval(User user)
{
    this.UserId = user.Id;
}
/// <summary>
/// Issues the forms-authentication cookie for <paramref name="user"/>.
/// </summary>
/// <param name="user">User whose <c>Username</c> becomes the ticket name.</param>
/// <param name="rememberMe">Passed to <c>SetAuthCookie</c> as the persistent-cookie flag.</param>
/// <remarks>
/// NOTE(review): cookie lifetime and transport flags (for example <c>requireSSL</c>) come from
/// the forms-authentication configuration, not from this method. Confirm they are set for production.
/// </remarks>
public void SetLoginCookie(User user, bool rememberMe)
{
    var ticketName = user.Username;
    FormsAuthentication.SetAuthCookie(ticketName, rememberMe);
}
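/// <summary>
/// Decides whether the current request is authorized. Accepts either the normal authenticated
/// request or, as a fallback, a forms-authentication ticket passed in the request parameter
/// named by <c>TokenKey</c>; then makes sure <c>httpContext.User</c> is a <c>UserPrincipal</c>
/// and applies the <c>RequireAdmin</c> check.
/// </summary>
/// <param name="httpContext">Context of the request being authorized.</param>
/// <returns>
/// <c>false</c> when the request is not authenticated or the forms user is missing or deleted;
/// otherwise <c>true</c> unless <c>RequireAdmin</c> is set and the principal is not an admin.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // If not authenticated, it might be a request from flash in Firefox, so get the auth token
    // passed in to create the identity.
    // NOTE(review): Request.Params merges query string, form fields, cookies and server
    // variables. A ticket sent in the query string ends up in server logs and Referer headers;
    // prefer accepting it from a POST field only.
    if (!httpContext.Request.IsAuthenticated)
    {
        var token = httpContext.Request.Params[TokenKey];

        // An empty parameter is treated like a missing one instead of being handed to Decrypt.
        // NOTE(review): Decrypt may still throw on a malformed value; confirm that surfaces as
        // a denied request rather than an unhandled error.
        if (!string.IsNullOrEmpty(token))
        {
            var ticket = FormsAuthentication.Decrypt(token);

            // Decrypt returns expired tickets too; the expiry check normally done for the
            // auth cookie has to be repeated here or an old token stays usable indefinitely.
            if (ticket != null && !ticket.Expired)
            {
                var identity = new FormsIdentity(ticket);
                // This doesn't need to be a UserPrincipal, because that will happen below.
                httpContext.User = new GenericPrincipal(identity, null);
            }
        }
    }

    if (!httpContext.Request.IsAuthenticated)
        return false;

    // If it's not a UserPrincipal, we need to create it (b/c this happens before
    // BaseController.OnAuthorization).
    if (!(httpContext.User is UserPrincipal))
    {
        User user = null;
        if (httpContext.User.Identity.IsAuthenticated && httpContext.User.Identity.AuthenticationType == "Forms")
        {
            using (var db = ObjectFactory.GetInstance<SqlConnection>())
            {
                db.Open();
                var userService = new UserService(db, Cache);
                user = userService.GetByUsername(httpContext.User.Identity.Name);
            }

            // A valid ticket for an account that no longer exists or was deleted is rejected.
            if (user == null || user.IsDeleted)
                return false;
        }
        else
        {
            // Authenticated by something other than forms auth: wrap an empty User.
            user = new User();
        }

        var identity = httpContext.User != null
            ? httpContext.User.Identity
            : new GenericIdentity(user.Username ?? string.Empty);
        httpContext.User = new UserPrincipal(user, identity);
        Thread.CurrentPrincipal = httpContext.User;
    }

    var userObject = httpContext.User as UserPrincipal;
    return !RequireAdmin || userObject.IsAdmin;
}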
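/// <summary>
/// Replaces the request principal with a <c>UserPrincipal</c> before the base authorization
/// runs. Forms-authenticated requests are resolved to their stored user; a missing or deleted
/// account is logged out and the request continues with an empty <c>User</c>.
/// </summary>
/// <param name="filterContext">Authorization context of the current action.</param>
protected override void OnAuthorization(AuthorizationContext filterContext)
{
    // No need to create a new principal object if it already exists (child actions).
    if (filterContext.HttpContext.User is UserPrincipal)
    {
        base.OnAuthorization(filterContext);
        return;
    }

    User user = null;
    if (filterContext.HttpContext.User != null
        && filterContext.HttpContext.User.Identity.IsAuthenticated
        && filterContext.HttpContext.User.Identity.AuthenticationType == "Forms")
    {
        var userService = ObjectFactory.GetInstance<IUserService>();
        user = userService.GetByUsername(filterContext.HttpContext.User.Identity.Name);

        // Something happened to their account - log them out.
        if (user == null || user.IsDeleted)
        {
            // Since this is a rarity, I'm not going to force every controller to inject the
            // user service in the constructor.
            var authService = ObjectFactory.GetInstance<IUserAuthenticationService>();
            authService.Logout();
            filterContext.HttpContext.User = null;

            // Drop the deleted record as well. Otherwise it would be wrapped below in a
            // GenericIdentity carrying its username, which reports IsAuthenticated == true,
            // and the deleted account would finish this request as a signed-in principal.
            user = null;
        }
    }

    if (user == null)
    {
        user = new User();
    }

    var identity = filterContext.HttpContext.User != null
        ? filterContext.HttpContext.User.Identity
        : new GenericIdentity(user.Username ?? string.Empty);
    filterContext.HttpContext.User = new UserPrincipal(user, identity);
    Thread.CurrentPrincipal = filterContext.HttpContext.User;

    base.OnAuthorization(filterContext);
}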
/// <summary>
/// Replaces the request principal with a <c>UserPrincipal</c> before the base authorization
/// runs. Forms-authenticated requests are resolved to the stored user with the same username;
/// every other request gets an empty <c>User</c>.
/// </summary>
/// <param name="filterContext">Authorization context of the current action.</param>
protected override void OnAuthorization(AuthorizationContext filterContext)
{
    var context = filterContext.HttpContext;

    // Child actions arrive with the principal already converted.
    if (context.User is UserPrincipal)
    {
        base.OnAuthorization(filterContext);
        return;
    }

    var currentIdentity = context.User.Identity;
    var isFormsUser = currentIdentity.IsAuthenticated && currentIdentity.AuthenticationType == "Forms";

    User user;
    if (!isFormsUser)
    {
        user = new User();
    }
    else
    {
        var username = currentIdentity.Name;
        using (RavenSession.GetCachingContext())
        {
            // NOTE(review): SingleOrDefault yields null when no stored user matches the name in
            // the ticket (for example the account was removed while the cookie is still valid).
            // That null is handed to UserPrincipal unchanged. Confirm UserPrincipal tolerates
            // it, or sign the caller out here.
            user = RavenSession.Query<User>()
                .Customize(q => q.WaitForNonStaleResults())
                .SingleOrDefault(u => u.Username == username);
        }
    }

    var principal = new UserPrincipal(user, currentIdentity);
    context.User = principal;
    Thread.CurrentPrincipal = context.User;

    base.OnAuthorization(filterContext);
}
/// <summary>
/// Wraps an application user and the identity it was authenticated with.
/// </summary>
/// <param name="user">Stored in the private <c>_user</c> field as given; not null-checked.</param>
/// <param name="identity">Exposed through <c>Identity</c> as given.</param>
public UserPrincipal(User user, IIdentity identity)
{
    this.Identity = identity;
    this._user = user;
}
/// <summary>
/// Wraps an application user and the identity it was authenticated with.
/// </summary>
/// <param name="user">Exposed through <c>UserObject</c> as given; not null-checked.</param>
/// <param name="identity">Exposed through <c>Identity</c> as given.</param>
public UserPrincipal(User user, IIdentity identity)
{
    this.UserObject = user;
    this.Identity = identity;
}
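/// <summary>
/// Decides whether the current request is authorized. Accepts either the normal authenticated
/// request or, as a fallback, a forms-authentication ticket passed in the request parameter
/// named by <c>TokenKey</c>; then makes sure <c>httpContext.User</c> is a <c>UserPrincipal</c>
/// and applies the <c>RequireAdmin</c> check.
/// </summary>
/// <param name="httpContext">Context of the request being authorized.</param>
/// <returns>
/// <c>false</c> when the request is not authenticated or the forms user cannot be found;
/// otherwise <c>true</c> unless <c>RequireAdmin</c> is set and the principal is not an admin.
/// </returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // If not authenticated, it might be a request from flash in Firefox, so get the auth token
    // passed in to create the identity.
    // NOTE(review): Request.Params merges query string, form fields, cookies and server
    // variables. A ticket sent in the query string ends up in server logs and Referer headers;
    // prefer accepting it from a POST field only.
    if (!httpContext.Request.IsAuthenticated)
    {
        var token = httpContext.Request.Params[TokenKey];

        // An empty parameter is treated like a missing one instead of being handed to Decrypt.
        // NOTE(review): Decrypt may still throw on a malformed value; confirm that surfaces as
        // a denied request rather than an unhandled error.
        if (!string.IsNullOrEmpty(token))
        {
            var ticket = FormsAuthentication.Decrypt(token);

            // Decrypt returns expired tickets too; the expiry check normally done for the
            // auth cookie has to be repeated here or an old token stays usable indefinitely.
            if (ticket != null && !ticket.Expired)
            {
                var identity = new FormsIdentity(ticket);
                // This doesn't need to be a UserPrincipal, because that will happen below.
                httpContext.User = new GenericPrincipal(identity, null);
            }
        }
    }

    if (!httpContext.Request.IsAuthenticated)
        return false;

    // If it's not a UserPrincipal, we need to create it (b/c this happens before
    // RavenController.OnAuthorization).
    if (!(httpContext.User is UserPrincipal))
    {
        User userObject;
        if (httpContext.User.Identity.IsAuthenticated && httpContext.User.Identity.AuthenticationType == "Forms")
        {
            using (RavenSession.GetCachingContext())
            {
                userObject = RavenSession.Query<User>()
                    .Customize(x => x.WaitForNonStaleResults())
                    .SingleOrDefault(x => x.Username == httpContext.User.Identity.Name);
            }

            // A valid ticket whose username no longer matches a stored user must not be
            // authorized; without this check a null user was wrapped in the principal and
            // the request passed whenever RequireAdmin was off.
            if (userObject == null)
                return false;
        }
        else
        {
            // Authenticated by something other than forms auth: wrap an empty User.
            userObject = new User();
        }

        httpContext.User = new UserPrincipal(userObject, httpContext.User.Identity);
        Thread.CurrentPrincipal = httpContext.User;
    }

    var user = httpContext.User as UserPrincipal;
    return !RequireAdmin || user.IsAdmin;
}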