/// <summary>
/// Evicts the session-scoped tenant cache entry and then performs the base logout.
/// </summary>
/// <param name="service">The executing service; the cache is only touched when it is a <see cref="Service"/>.</param>
/// <param name="request">The authenticate request that carries the logout.</param>
/// <returns>Whatever the base provider returns for the logout.</returns>
public override object Logout(ServiceStack.IServiceBase service, Authenticate request)
{
    var srv = service as Service;
    if (srv != null)
    {
        // The tenant list is cached under the session id; remove it so nothing keyed
        // by this session is left behind once the session is gone.
        var tenantsKey = $"sessions:{srv.GetSessionId()}:pfe:UserTenants";
        srv.Cache.Remove(tenantsKey);
    }

    return base.Logout(service, request);
}
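/// <summary>
/// Development stub: the login is accepted whenever the submitted password equals the user name.
/// No credential store is consulted at all, so this body must not reach a deployed build.
/// </summary>
/// <param name="authService">The executing service; unused by the stub.</param>
/// <param name="userName">Login name as submitted by the client.</param>
/// <param name="password">Password as submitted by the client.</param>
/// <returns><c>true</c> when <paramref name="password"/> is ordinally equal to <paramref name="userName"/>.</returns>
public override bool TryAuthenticate(ServiceStack.IServiceBase authService, string userName, string password)
{
    // Ordinal comparison: the same semantics as string ==, stated explicitly.
    // The trailing comment in the original swallowed the method's closing brace.
    return string.Equals(userName, password, StringComparison.Ordinal);

    // Provider check currently disabled:
    // return base.TryAuthenticate(authService, userName, password);
}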
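/// <summary>
/// Verifies the submitted credentials against <c>cfe.D_User</c>, or, in DCOM mode, accepts the
/// request when the DCOM marker header is present.
/// </summary>
/// <param name="authService">The executing service; must be a <see cref="Service"/> so its request and DB are reachable.</param>
/// <param name="userName">Login name as submitted by the client.</param>
/// <param name="password">Password as submitted by the client.</param>
/// <returns><c>true</c> when the credentials are accepted; every rejection is raised as an exception, never returned as <c>false</c>.</returns>
/// <exception cref="WebEasUnauthorizedAccessException">Unknown login, account outside its validity window, wrong password, or missing DCOM header.</exception>
/// <exception cref="InvalidOperationException">The service is not a <see cref="Service"/>, or no <see cref="IPasswordHasher"/> is registered.</exception>
public override bool TryAuthenticate(ServiceStack.IServiceBase authService, string userName, string password)
{
    // Once requests no longer go through HttpContext, remove this.
    // See also GlobalRequestFilters.Add((req, res, dto) => RequestContext.Instance.Items.Add("EsamDb", authService.Request.GetHeader("EsamDb")));

    // SECURITY: a credential embedded in source. It bypasses the hasher and the D_User lookup, so it
    // cannot be rotated, audited or expired. Move it to secret storage and rotate the value.
    if (string.Equals(userName, "IsoNotifyTechUser", StringComparison.Ordinal)
        && string.Equals(password, "p@55w0rd222", StringComparison.Ordinal))
    {
        return true;
    }

    var service = authService as Service;
    if (service is null)
    {
        throw new InvalidOperationException($"{nameof(authService)} must be a {nameof(Service)}");
    }

    if (dcomRezim)
    {
        // Only the presence of the DCOM marker header is checked; the request carries no credential.
        // NOTE(review): this is only safe if the header cannot be supplied by an untrusted client,
        // i.e. the endpoint is reachable solely through the gateway that injects it — confirm.
        if (service.Request.Headers[ActorIdsector] != "DCOM")
        {
            throw new WebEasUnauthorizedAccessException(null, "DCOM header nie je nastavený");
        }

        return true;
    }

    var passwordHasher = HostContext.TryResolve<IPasswordHasher>();
    if (passwordHasher is null)
    {
        throw new InvalidOperationException($"No {nameof(IPasswordHasher)} is registered");
    }

    var user = service.Db.Single<User>(
        "SELECT top 1 * FROM cfe.D_User where (DatumPlatnosti is null or DatumPlatnosti > getdate()) AND LoginName = @login",
        new { login = userName });
    if (user is null)
    {
        throw new WebEasUnauthorizedAccessException(null, "Nesprávne meno alebo heslo");
    }

    // Validity window: PlatnostOd must not lie in the future and PlatnostDo, when set, not in the past.
    if (user.PlatnostOd.Date > DateTime.Today || DateTime.Today > (user.PlatnostDo?.Date ?? DateTime.Today))
    {
        throw new WebEasUnauthorizedAccessException(null, "Účet má ukončenú platnosť. Kontaktuje prosím administrátora.");
    }

    var successful = passwordHasher.VerifyPassword(user.LoginPswd, password, out bool needsRehash);
    if (!successful)
    {
        throw new WebEasUnauthorizedAccessException(null, "Nesprávne meno alebo heslo");
    }

    // Re-hash only after verification succeeded. The original wrote the new hash before this check,
    // so a hasher reporting needsRehash on a failed verification would have replaced the stored
    // hash with a hash of the wrong password.
    if (needsRehash)
    {
        user.LoginPswd = passwordHasher.HashPassword(password);
        service.Db.UpdateOnlyFields(user, onlyFields: p => p.LoginPswd, where: p => p.D_User_Id == user.D_User_Id);
    }

    return true;
}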
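/// <summary>
/// Fills the <see cref="EsamSession"/> after a successful credential check: resolves the user row
/// (in DCOM mode first syncing or creating it from the gateway headers), copies the identity fields
/// onto the session, loads the tenant session data, records the login time and hands over to the
/// base provider, which saves the session.
/// </summary>
/// <param name="authService">The executing service; must be a <see cref="Service"/>.</param>
/// <param name="session">The session being authenticated; must be an <see cref="EsamSession"/>.</param>
/// <param name="tokens">Provider tokens, passed through to the base implementation.</param>
/// <param name="authInfo">Provider auth info, passed through to the base implementation.</param>
/// <returns>The result of the base <c>OnAuthenticated</c>.</returns>
/// <exception cref="WebEasUnauthorizedAccessException">The external tenant id or the login name is not found in the database.</exception>
/// <exception cref="InvalidOperationException">The service or the session is not of the expected type.</exception>
public override IHttpResult OnAuthenticated(ServiceStack.IServiceBase authService, IAuthSession session, IAuthTokens tokens, Dictionary<string, string> authInfo)
{
    var service = authService as Service;
    if (service is null)
    {
        throw new InvalidOperationException($"{nameof(authService)} must be a {nameof(Service)}");
    }

    var ses = session as EsamSession;
    if (ses is null)
    {
        throw new InvalidOperationException($"{nameof(session)} must be an {nameof(EsamSession)}");
    }

    if (ses.UserAuthName == "IsoNotifyTechUser")
    {
        var authRequest = (Authenticate)authService.Request.Dto;
        var meta = authRequest.Meta;

        // An external tenant id in the request meta short-circuits the user lookup below.
        if (meta != null && meta.TryGetValue(TenantId, out var externalTenantId))
        {
            ses.D_Tenant_Id_Externe = Guid.Parse(externalTenantId);
            SetTechUserSessionInfo(ses);
            return base.OnAuthenticated(authService, ses, tokens, authInfo);
        }

        if (meta != null && meta.TryGetValue("IsoTenantId", out var isoTenantId))
        {
            ses.TenantId = isoTenantId;
        }
    }

    if (dcomRezim)
    {
        // Identity is taken from gateway headers; the session's auth name becomes the UPN.
        // NOTE(review): the headers are trusted as-is — confirm the endpoint is only reachable
        // through the gateway that sets them.
        ses.UserAuthName = service.Request.Headers[Upn];
        var dcomUserEmail = service.Request.Headers[ActorEmail] ?? string.Empty;
        var dcomUserFirstName = service.Request.Headers[ActorFirstName];
        var dcomUserLastName = service.Request.Headers[ActorLastName];
        var userDcomId = service.Request.Headers[ActorDcomId];
        var tenantIdFromHeader = service.Request.Headers[TenantId];
        if (!string.IsNullOrEmpty(tenantIdFromHeader))
        {
            // GUID text: culture-independent upper-casing.
            tenantIdFromHeader = tenantIdFromHeader.ToUpperInvariant();
        }

        CheckIsNullOrEmpty(nameof(ses.UserAuthName), ses.UserAuthName);
        CheckIsNullOrEmpty(nameof(dcomUserFirstName), dcomUserFirstName);
        CheckIsNullOrEmpty(nameof(dcomUserLastName), dcomUserLastName);
        CheckIsNullOrEmpty(nameof(userDcomId), userDcomId);
        CheckIsNullOrEmpty(nameof(tenantIdFromHeader), tenantIdFromHeader);

        ses.D_Tenant_Id_Externe = Guid.Parse(tenantIdFromHeader);
        ses.TenantId = service.Db.Single<string>(
            "SELECT D_Tenant_Id FROM cfe.D_Tenant WHERE D_Tenant_Id_Externe = @tenantId",
            new { tenantId = ses.D_Tenant_Id_Externe });
        if (ses.TenantId == null)
        {
            throw new WebEasUnauthorizedAccessException(null, $"Ext. TenantId {tenantIdFromHeader} nebol najdený");
        }

        var dcomUser = service.Db.Single<User>(
            "SELECT * FROM cfe.D_User WHERE (DatumPlatnosti is null or DatumPlatnosti > getdate()) AND D_User_Id_Externe = @userIdExt",
            new { userIdExt = userDcomId });
        if (dcomUser != null)
        {
            // Sync the stored identity with the headers. The original only issued the UPDATE and never
            // assigned the new value first, so it wrote the existing column back and changed nothing.
            if (!string.IsNullOrEmpty(dcomUserEmail) && dcomUserEmail != dcomUser.Email)
            {
                dcomUser.Email = dcomUserEmail;
                service.Db.UpdateOnlyFields(dcomUser, onlyFields: p => p.Email, where: p => p.D_User_Id == dcomUser.D_User_Id);
            }

            if (!string.IsNullOrEmpty(dcomUserFirstName) && dcomUserFirstName != dcomUser.FirstName)
            {
                dcomUser.FirstName = dcomUserFirstName;
                service.Db.UpdateOnlyFields(dcomUser, onlyFields: p => p.FirstName, where: p => p.D_User_Id == dcomUser.D_User_Id);
            }

            if (!string.IsNullOrEmpty(dcomUserLastName) && dcomUserLastName != dcomUser.LastName)
            {
                dcomUser.LastName = dcomUserLastName;
                service.Db.UpdateOnlyFields(dcomUser, onlyFields: p => p.LastName, where: p => p.D_User_Id == dcomUser.D_User_Id);
            }
        }
        else
        {
            // For now the row is created under the user that processes notifications (Vytvoril).
            var newUser = new User
            {
                D_User_Id = Guid.NewGuid(),
                DatumVytvorenia = DateTime.Now,
                DatumZmeny = DateTime.Now,
                PlatnostOd = DateTime.Now,
                D_User_Id_Externe = Guid.Parse(userDcomId),
                Email = dcomUserEmail,
                FirstName = dcomUserFirstName,
                LastName = dcomUserLastName,
                LoginName = ses.UserAuthName,
                EC = "ESAM",
                Vytvoril = Guid.Parse("00000000-0000-0000-0000-000000000002")
            };
            CreateOrUpdateDcomUser(service.Db, newUser, ses.TenantIdGuid.Value);
        }
    }

    var user = service.Db.Single<User>(
        "SELECT * FROM cfe.D_User WHERE (DatumPlatnosti is null or DatumPlatnosti > getdate()) AND LoginName = @login",
        new { login = ses.UserAuthName });
    // The original tested `ses` here and then dereferenced `user`, so an unknown login surfaced as a
    // NullReferenceException instead of this exception.
    if (user is null)
    {
        throw new WebEasUnauthorizedAccessException(null, $"Login {ses.UserAuthName} nebol najdený");
    }

    ses.UserId = user.D_User_Id.ToString();
    ses.UserAuthId = user.D_User_Id.ToString();
    ses.FirstName = user.FirstName;
    ses.LastName = user.LastName;
    ses.Email = user.Email;
    ses.DisplayName = user.FullName;
    ses.FullName = user.FullName;
    ses.EvidCisloZam = user.EC;
    SetUserTenantSession(ses, service.Db, service.Cache);

    user.LastLogin = DateTime.Now;
    service.Db.UpdateOnlyFields(user, onlyFields: p => p.LastLogin, where: p => p.D_User_Id == user.D_User_Id);

    // The base call saves the session and fires the Auth/Session callbacks.
    return base.OnAuthenticated(authService, ses, tokens, authInfo);
}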