public object Post(Authenticate request)
{
AssertAuthProviders();
if (ValidateFn != null)
{
var validationResponse = ValidateFn(this, HttpMethods.Get, request);
if (validationResponse != null) return validationResponse;
}
if (request.RememberMe.HasValue)
{
var opt = request.RememberMe.GetValueOrDefault(false)
? SessionOptions.Permanent
: SessionOptions.Temporary;
base.Request.AddSessionOptions(opt);
}
var provider = request.provider ?? AuthProviders[0].Provider;
if (provider == CredentialsAliasProvider)
provider = CredentialsProvider;
var oAuthConfig = GetAuthProvider(provider);
if (oAuthConfig == null)
throw HttpError.NotFound("No configuration was added for OAuth provider '{0}'".Fmt(provider));
if (request.provider == LogoutAction)
return oAuthConfig.Logout(this, request);
var session = this.GetSession();
var isHtml = base.Request.ResponseContentType.MatchesContentType(MimeTypes.Html);
try
{
var response = Authenticate(request, provider, session, oAuthConfig);
// The above Authenticate call may end an existing session and create a new one so we need
// to refresh the current session reference.
session = this.GetSession();
var referrerUrl = request.Continue
?? session.ReferrerUrl
?? this.Request.GetHeader("Referer")
?? oAuthConfig.CallbackUrl;
var alreadyAuthenticated = response == null;
response = response ?? new AuthenticateResponse {
UserId = session.UserAuthId,
UserName = session.UserAuthName,
SessionId = session.Id,
ReferrerUrl = referrerUrl,
};
if (isHtml)
{
if (alreadyAuthenticated)
return this.Redirect(referrerUrl.AddHashParam("s", "0"));
if (!(response is IHttpResult) && !String.IsNullOrEmpty(referrerUrl))
{
return new HttpResult(response) {
Location = referrerUrl
};
}
}
return response;
}
catch (HttpError ex)
{
var errorReferrerUrl = this.Request.GetHeader("Referer");
if (isHtml && errorReferrerUrl != null)
{
errorReferrerUrl = errorReferrerUrl.SetQueryParam("error", ex.Message);
return HttpResult.Redirect(errorReferrerUrl);
}
throw;
}
}