Candor.Security.Web.CandorAuthenticationModule.OnAuthenticate C# (CSharp) Method

CandorAuthenticationModule Class Documentation 显示文件 Open project: michael-lang/candor-common

OnAuthenticate() public static method

Authenticates the current context.
public static OnAuthenticate ( HttpContext context ) : void
context System.Web.HttpContext The context containing the current request to be authenticated and the response.
return void 
        public static void OnAuthenticate( HttpContext context )
        {
            if (!CheckRequireAuthentication(context))
                return;

            var ticketCookie = HttpContext.Current.Request.Cookies[AuthenticationTicketTokenKey];
            var ticketHeader = HttpContext.Current.Request.Headers["X-" + AuthenticationTicketTokenKey];
            var rememberCookie = HttpContext.Current.Request.Cookies[RememberMeKey];
            var rememberHeader = HttpContext.Current.Request.Headers["X-" + RememberMeKey];
            var sessionCookie = HttpContext.Current.Request.Cookies[SessionIdKey];
            var sessionHeader = HttpContext.Current.Request.Headers["X-" + SessionIdKey];

            var rememberMe = false;
            if (rememberCookie != null && !String.IsNullOrWhiteSpace(rememberCookie.Value))
                Boolean.TryParse(rememberCookie.Value, out rememberMe);
            else if (!String.IsNullOrWhiteSpace(rememberHeader))
                Boolean.TryParse(rememberHeader, out rememberMe);
            var ipAddress = context.Request.UserHostAddress;

            if ((ticketCookie == null || string.IsNullOrWhiteSpace(ticketCookie.Value))
                && string.IsNullOrWhiteSpace(ticketHeader))
            {
                Guid anonSessionId;
                if ((sessionCookie == null || string.IsNullOrWhiteSpace(sessionCookie.Value))
                    && string.IsNullOrWhiteSpace(sessionHeader))
                {
                    anonSessionId = Guid.NewGuid();
                }
                else
                {
                    anonSessionId = Guid.Parse(sessionHeader ?? sessionCookie.Value);
                }
                var anon = new UserPrincipal(); //anonymous
                anon.Identity.Ticket.UserSession.RenewalToken = anonSessionId;
                anon.Identity.Ticket.IPAddress = ipAddress;
                SecurityContextManager.CurrentUser = anon;
                return;
            }

            var identity = UserManager.AuthenticateUser(ticketHeader ?? ticketCookie.Value, rememberMe ? UserSessionDurationType.Extended : UserSessionDurationType.PublicComputer, ipAddress, new ExecutionResults());
            var principal = new UserPrincipal(identity);
            SecurityContextManager.CurrentUser = principal;

            if (ImpersonationEnabled && !principal.IsAnonymous && principal.IsInAnyRole(UserManager.Provider.ImpersonationAllowedRoles))
            {	//check for impersonation
                HttpCookie impersonatedUserCookie = context.Request.Cookies[ImpersonationKey];
                var impersonatedHeader = context.Request.Headers["X-" + ImpersonationKey];
                if (!String.IsNullOrWhiteSpace(impersonatedHeader) ||
                    (impersonatedUserCookie != null && !string.IsNullOrEmpty(impersonatedUserCookie.Value)))
                {
                    var impersonatedUser = UserManager.GetUserByName(impersonatedHeader ?? impersonatedUserCookie.Value);
                    if (impersonatedUser != null)
                    {
                        principal = new UserPrincipal(new UserIdentity(impersonatedUser.UserID, impersonatedUser.Name, identity));
                        SecurityContextManager.CurrentUser = principal;
                    }
                }
            }
        }

Same methods

CandorAuthenticationModule::OnAuthenticate ( object sender, EventArgs e ) : void
CandorAuthenticationModule
CheckRequireAuthentication
Dispose
Init
OnAuthenticate
OnEndRequest