public void LogonAuthenticatedUser(AuthenticatedUserInfo authenticatedUserInfo)
{
AuthenticationProperties properties = null;
if (authenticatedUserInfo.RememberMe)
{
properties = new AuthenticationProperties {
IsPersistent = true
}
}
;
else
{
properties = new AuthenticationProperties {
ExpiresUtc = DateTime.UtcNow.AddMinutes(30), IsPersistent = true
}
};
ClaimsIdentity identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
identity.AddClaim(new Claim(ClaimTypes.Name, authenticatedUserInfo.User.Alias));
identity.AddClaim(new Claim(ClaimTypes.Email, authenticatedUserInfo.User.Email));
identity.AddClaim(new Claim("TenantId", authenticatedUserInfo.User.TenantId.ToString()));
identity.AddClaim(new Claim("UserId", authenticatedUserInfo.User.UserId.ToString()));
identity.AddClaim(new Claim("RememberMe", authenticatedUserInfo.RememberMe.ToString()));
identity.AddClaim(new Claim("Version", "1"));
foreach (string role in authenticatedUserInfo.User.Roles)
{
identity.AddClaim(new Claim(ClaimTypes.Role, role));
}
_httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity), properties).Wait();
}
}
public void Logon(LogonModel model)
{
try
{
// Validate supplied logon credentials
_authenticationValidator.ValidateLogon(model);
// Username and password valid, user not locked out. We can continue and log user on.
User user = _userRepository.ReadUserByEmail(model.TenantId, model.Email.Trim().ToLower());
// Get user details that we will persist during authenticated session
AuthenticatedUser authenticatedUser = new AuthenticatedUser
{
Alias = user.Alias,
Email = user.Email,
UserId = user.UserId,
TenantId = model.TenantId,
Roles = user.Roles.Select(r => r.Name).ToList()
};
AuthenticatedUserInfo authenticatedUserInfo = new AuthenticatedUserInfo
{
User = authenticatedUser,
RememberMe = model.RememberMe
};
// Logon user using authentication provider
_authenticationProviderService.LogonAuthenticatedUser(authenticatedUserInfo);
}
catch (UserLockedOutException)
{
Logoff();
throw;
}
}
public AuthenticatedUserInfo GetCurrentUser()
{
if (_httpContextAccessor.HttpContext.User == null || !_httpContextAccessor.HttpContext.User.Identity.IsAuthenticated)
{
return(null);
}
ClaimsPrincipal principal = _httpContextAccessor.HttpContext.User;
AuthenticatedUser user = new AuthenticatedUser();
user.Alias = principal.Claims.Where(c => c.Type == ClaimTypes.Name).Select(c => c.Value).FirstOrDefault();
user.Email = principal.Claims.Where(c => c.Type == ClaimTypes.Email).Select(c => c.Value).FirstOrDefault();
user.TenantId = Convert.ToInt64(principal.Claims.Where(c => c.Type == "TenantId").Select(c => c.Value).FirstOrDefault());
user.UserId = Convert.ToInt64(principal.Claims.Where(c => c.Type == "UserId").Select(c => c.Value).FirstOrDefault());
user.Roles = new List <string>();
foreach (Claim claim in principal.Claims.Where(c => c.Type == ClaimTypes.Role))
{
user.Roles.Add(claim.Value);
}
bool rememberMe = Convert.ToBoolean(principal.Claims.Where(c => c.Type == "RememberMe").Select(c => c.Value).FirstOrDefault());
AuthenticatedUserInfo userInfo = new AuthenticatedUserInfo
{
User = user,
RememberMe = rememberMe
};
return(userInfo);
}
public bool UpdateUser(UpdateUserModel model, IUnitOfWork unitOfWork = null)
{
// If we don't have a unit of work in place, create one now so that we can rollback all changes in case of failure
IUnitOfWork localUnitOfWork = unitOfWork == null?_unitOfWorkFactory.CreateUnitOfWork() : null;
// Do the user update
try
{
// Validate supplied details (including checking that all or none of the image upload properties are specified)
_authenticationValidator.ValidateUpdateUser(model);
// Get existing user details
User user = _userRepository.ReadUser(model.TenantId, model.UserId);
string currentAlias = user.Alias;
string currentEmail = user.Email;
// Get new details
string newAlias = model.Alias.Trim();
string newEmail = model.Email.Trim().ToLower();
user.Alias = newAlias;
user.Email = newEmail;
// Has email address changed?
bool reconfirm = (currentEmail != newEmail);
if (reconfirm)
{
// Get confirm verification token
TimeSpan expiryTimeSpan = _authenticationConfigurationService.GetUpdateUserExpiryTimeSpan(model.TenantId);
Token confirmToken = _securityService.CreateToken(expiryTimeSpan);
// Unconfirm account
user.Confirmed = false;
user.ConfirmTokenValue = confirmToken.Value.ToString();
user.ConfirmTokenExpiry = confirmToken.Expiry;
// Commit user images?
if (model.ImageUploadId.HasValue && user.ImageUploadId != model.ImageUploadId)
{
_uploadService.Commit(model.ImageTenantId.Value, model.ThumbnailImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork);
_uploadService.Commit(model.ImageTenantId.Value, model.PreviewImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork);
_uploadService.Commit(model.ImageTenantId.Value, model.ImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork);
user.ImageTenantId = model.ImageTenantId;
user.ThumbnailImageUploadId = model.ThumbnailImageUploadId;
user.PreviewImageUploadId = model.PreviewImageUploadId;
user.ImageUploadId = model.ImageUploadId;
}
// Update user details
_userRepository.UpdateUser(user, unitOfWork ?? localUnitOfWork);
// Get details of email that will be sent to user who must re-confirm their account
Email email = _authenticationConfigurationService.GetUpdateUserEmail(Web, Domain, newEmail, newAlias, confirmToken);
// Send email to newly created user
_emailService.SendEmail(email);
}
// If email address not changed
if (!reconfirm)
{
// Commit user images?
if (model.ImageUploadId.HasValue && user.ImageUploadId != model.ImageUploadId)
{
_uploadService.Commit(model.ImageTenantId.Value, model.ThumbnailImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork);
_uploadService.Commit(model.ImageTenantId.Value, model.PreviewImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork);
_uploadService.Commit(model.ImageTenantId.Value, model.ImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork);
user.ImageTenantId = model.ImageTenantId;
user.ThumbnailImageUploadId = model.ThumbnailImageUploadId;
user.PreviewImageUploadId = model.PreviewImageUploadId;
user.ImageUploadId = model.ImageUploadId;
}
// Update user details
_userRepository.UpdateUser(user, unitOfWork ?? localUnitOfWork);
// If email address not changed, update authenticated user details
AuthenticatedUserInfo userInfo = GetCurrentUser();
userInfo.User.Alias = user.Alias;
_authenticationProviderService.LogonAuthenticatedUser(userInfo);
}
// Commit work if local unit of work in place
if (localUnitOfWork != null)
{
localUnitOfWork.Commit();
}
// Return whether or not user must reconfirm address
return(reconfirm);
}
catch (ValidationErrorException)
{
if (localUnitOfWork != null)
{
localUnitOfWork.Rollback();
}
throw;
}
catch (Exception ex)
{
if (localUnitOfWork != null)
{
localUnitOfWork.Rollback();
}
throw new ValidationErrorException(new ValidationError(null, ApplicationResource.UnexpectedErrorMessage), ex);
}
}
