public void LogonAuthenticatedUser(AuthenticatedUserInfo authenticatedUserInfo) { AuthenticationProperties properties = null; if (authenticatedUserInfo.RememberMe) { properties = new AuthenticationProperties { IsPersistent = true } } ; else { properties = new AuthenticationProperties { ExpiresUtc = DateTime.UtcNow.AddMinutes(30), IsPersistent = true } }; ClaimsIdentity identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme); identity.AddClaim(new Claim(ClaimTypes.Name, authenticatedUserInfo.User.Alias)); identity.AddClaim(new Claim(ClaimTypes.Email, authenticatedUserInfo.User.Email)); identity.AddClaim(new Claim("TenantId", authenticatedUserInfo.User.TenantId.ToString())); identity.AddClaim(new Claim("UserId", authenticatedUserInfo.User.UserId.ToString())); identity.AddClaim(new Claim("RememberMe", authenticatedUserInfo.RememberMe.ToString())); identity.AddClaim(new Claim("Version", "1")); foreach (string role in authenticatedUserInfo.User.Roles) { identity.AddClaim(new Claim(ClaimTypes.Role, role)); } _httpContextAccessor.HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity), properties).Wait(); } }
public void Logon(LogonModel model) { try { // Validate supplied logon credentials _authenticationValidator.ValidateLogon(model); // Username and password valid, user not locked out. We can continue and log user on. User user = _userRepository.ReadUserByEmail(model.TenantId, model.Email.Trim().ToLower()); // Get user details that we will persist during authenticated session AuthenticatedUser authenticatedUser = new AuthenticatedUser { Alias = user.Alias, Email = user.Email, UserId = user.UserId, TenantId = model.TenantId, Roles = user.Roles.Select(r => r.Name).ToList() }; AuthenticatedUserInfo authenticatedUserInfo = new AuthenticatedUserInfo { User = authenticatedUser, RememberMe = model.RememberMe }; // Logon user using authentication provider _authenticationProviderService.LogonAuthenticatedUser(authenticatedUserInfo); } catch (UserLockedOutException) { Logoff(); throw; } }
public AuthenticatedUserInfo GetCurrentUser() { if (_httpContextAccessor.HttpContext.User == null || !_httpContextAccessor.HttpContext.User.Identity.IsAuthenticated) { return(null); } ClaimsPrincipal principal = _httpContextAccessor.HttpContext.User; AuthenticatedUser user = new AuthenticatedUser(); user.Alias = principal.Claims.Where(c => c.Type == ClaimTypes.Name).Select(c => c.Value).FirstOrDefault(); user.Email = principal.Claims.Where(c => c.Type == ClaimTypes.Email).Select(c => c.Value).FirstOrDefault(); user.TenantId = Convert.ToInt64(principal.Claims.Where(c => c.Type == "TenantId").Select(c => c.Value).FirstOrDefault()); user.UserId = Convert.ToInt64(principal.Claims.Where(c => c.Type == "UserId").Select(c => c.Value).FirstOrDefault()); user.Roles = new List <string>(); foreach (Claim claim in principal.Claims.Where(c => c.Type == ClaimTypes.Role)) { user.Roles.Add(claim.Value); } bool rememberMe = Convert.ToBoolean(principal.Claims.Where(c => c.Type == "RememberMe").Select(c => c.Value).FirstOrDefault()); AuthenticatedUserInfo userInfo = new AuthenticatedUserInfo { User = user, RememberMe = rememberMe }; return(userInfo); }
public bool UpdateUser(UpdateUserModel model, IUnitOfWork unitOfWork = null) { // If we don't have a unit of work in place, create one now so that we can rollback all changes in case of failure IUnitOfWork localUnitOfWork = unitOfWork == null?_unitOfWorkFactory.CreateUnitOfWork() : null; // Do the user update try { // Validate supplied details (including checking that all or none of the image upload properties are specified) _authenticationValidator.ValidateUpdateUser(model); // Get existing user details User user = _userRepository.ReadUser(model.TenantId, model.UserId); string currentAlias = user.Alias; string currentEmail = user.Email; // Get new details string newAlias = model.Alias.Trim(); string newEmail = model.Email.Trim().ToLower(); user.Alias = newAlias; user.Email = newEmail; // Has email address changed? bool reconfirm = (currentEmail != newEmail); if (reconfirm) { // Get confirm verification token TimeSpan expiryTimeSpan = _authenticationConfigurationService.GetUpdateUserExpiryTimeSpan(model.TenantId); Token confirmToken = _securityService.CreateToken(expiryTimeSpan); // Unconfirm account user.Confirmed = false; user.ConfirmTokenValue = confirmToken.Value.ToString(); user.ConfirmTokenExpiry = confirmToken.Expiry; // Commit user images? if (model.ImageUploadId.HasValue && user.ImageUploadId != model.ImageUploadId) { _uploadService.Commit(model.ImageTenantId.Value, model.ThumbnailImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork); _uploadService.Commit(model.ImageTenantId.Value, model.PreviewImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork); _uploadService.Commit(model.ImageTenantId.Value, model.ImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork); user.ImageTenantId = model.ImageTenantId; user.ThumbnailImageUploadId = model.ThumbnailImageUploadId; user.PreviewImageUploadId = model.PreviewImageUploadId; user.ImageUploadId = model.ImageUploadId; } // Update user details _userRepository.UpdateUser(user, unitOfWork ?? localUnitOfWork); // Get details of email that will be sent to user who must re-confirm their account Email email = _authenticationConfigurationService.GetUpdateUserEmail(Web, Domain, newEmail, newAlias, confirmToken); // Send email to newly created user _emailService.SendEmail(email); } // If email address not changed if (!reconfirm) { // Commit user images? if (model.ImageUploadId.HasValue && user.ImageUploadId != model.ImageUploadId) { _uploadService.Commit(model.ImageTenantId.Value, model.ThumbnailImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork); _uploadService.Commit(model.ImageTenantId.Value, model.PreviewImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork); _uploadService.Commit(model.ImageTenantId.Value, model.ImageUploadId.Value, GetUserImageStorageHierarchy(), unitOfWork ?? localUnitOfWork); user.ImageTenantId = model.ImageTenantId; user.ThumbnailImageUploadId = model.ThumbnailImageUploadId; user.PreviewImageUploadId = model.PreviewImageUploadId; user.ImageUploadId = model.ImageUploadId; } // Update user details _userRepository.UpdateUser(user, unitOfWork ?? localUnitOfWork); // If email address not changed, update authenticated user details AuthenticatedUserInfo userInfo = GetCurrentUser(); userInfo.User.Alias = user.Alias; _authenticationProviderService.LogonAuthenticatedUser(userInfo); } // Commit work if local unit of work in place if (localUnitOfWork != null) { localUnitOfWork.Commit(); } // Return whether or not user must reconfirm address return(reconfirm); } catch (ValidationErrorException) { if (localUnitOfWork != null) { localUnitOfWork.Rollback(); } throw; } catch (Exception ex) { if (localUnitOfWork != null) { localUnitOfWork.Rollback(); } throw new ValidationErrorException(new ValidationError(null, ApplicationResource.UnexpectedErrorMessage), ex); } }