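using System;
using System.Collections.Generic;
using System.Web;
using ScrewTurn.Wiki.PluginFramework;

namespace ScrewTurn.Wiki {

    /// <summary>
    /// Implements login tools: cookie/provider auto-login, session setup,
    /// post-login redirection and namespace read-permission checks.
    /// </summary>
    public static class LoginTools {

        /// <summary>
        /// The login key (name of the cookie sub-value holding the login key).
        /// </summary>
        public const string LoginKey = "LoginKey";

        /// <summary>
        /// The username (name of the cookie sub-value holding the username).
        /// </summary>
        public const string Username = "Username";

        /// <summary>
        /// A logout flag (session key; cleared by <see cref="SetupSession"/> on login).
        /// </summary>
        public const string Logout = "Logout";

        /// <summary>
        /// Tries to automatically login the current user, first through the login cookie
        /// and, when no cookie is present and the logout flag is not set, through the providers.
        /// Does nothing when the session already carries a login key.
        /// </summary>
        public static void TryAutoLogin() {
            if(SessionFacade.LoginKey != null) {
                // Already logged in for this session
                return;
            }

            HttpContext context = HttpContext.Current;
            HttpCookie loginCookie = context.Request.Cookies[Settings.LoginCookieName];

            if(loginCookie != null) {
                // Both values come from the client and are only trusted after
                // Users.TryCookieLogin has accepted them.
                string username = loginCookie.Values[Username];
                string key = loginCookie.Values[LoginKey];

                // Try cookie login
                UserInfo user = Users.TryCookieLogin(username, key);
                if(user != null) {
                    SetupSession(user);
                    Log.LogEntry("User " + user.Username + " logged in through cookie", EntryType.General, Log.SystemUsername);
                    TryRedirect(false);
                }
                else {
                    // Cookie is not valid, delete it
                    SetLoginCookie("", "", DateTime.Now.AddYears(-1));
                    SetupSession(null);
                }
            }
            else if(context.Session[Logout] == null) {
                // Check for filtered autologin
                // If no cookie is available, try to autologin through providers
                UserInfo user = Users.TryAutoLogin(context);
                if(user != null) {
                    SetupSession(user);
                    Log.LogEntry("User " + user.Username + " logged in via " + user.Provider.GetType().FullName + " autologin", EntryType.General, Log.SystemUsername);
                    TryRedirect(false);
                }
            }
        }

        /// <summary>
        /// Sets up a user session.
        /// </summary>
        /// <param name="user">The user (<c>null</c> for anonymous).</param>
        public static void SetupSession(UserInfo user) {
            if(user == null) {
                // Anonymous: drop any identity stored in the session
                SessionFacade.LoginKey = null;
                SessionFacade.CurrentUsername = null;
                return;
            }

            // NOTE(review): the key is computed from the username, e-mail and user.DateTime
            // passed here; whether a server-side secret is mixed in is not visible in this
            // file - confirm in Users.ComputeLoginKey, since the same key is accepted from
            // the login cookie.
            // NOTE(review): the session identifier is not renewed at this point; confirm
            // that session fixation is handled elsewhere.
            SessionFacade.LoginKey = Users.ComputeLoginKey(user.Username, user.Email, user.DateTime);
            SessionFacade.CurrentUsername = user.Username;
            HttpContext.Current.Session[Logout] = null; // No session facade because this key is used only in this page
        }

        /// <summary>
        /// Tries to redirect the user to the URL given in the <c>Redirect</c> request value.
        /// </summary>
        /// <remarks>
        /// The <c>Redirect</c> value is supplied by the client. An absolute http/https URL is
        /// followed only when its host equals the host of the current request, and a relative
        /// value is followed only when it is not a network-path reference (<c>//host/...</c>),
        /// so that a crafted login link cannot send the user to another site. A refused
        /// target is treated as if no target had been given.
        /// </remarks>
        /// <param name="goHome">A value indicating whether to redirect to the home page if no explicit (acceptable) redirect URL is found.</param>
        public static void TryRedirect(bool goHome) {
            HttpContext context = HttpContext.Current;
            string target = context.Request["Redirect"];

            if(target != null) {
                bool looksAbsolute =
                    target.StartsWith("http:", StringComparison.OrdinalIgnoreCase) ||
                    target.StartsWith("https:", StringComparison.OrdinalIgnoreCase);

                if(looksAbsolute) {
                    // The comparison uses the host the server sees; behind a reverse proxy
                    // that rewrites the Host header, same-site absolute targets may be
                    // refused and fall through to the home page.
                    if(IsSameHostUrl(target, context.Request.Url)) {
                        context.Response.Redirect(target);
                        return;
                    }
                }
                else if(!IsNetworkPathReference(target)) {
                    UrlTools.Redirect(UrlTools.BuildUrl(target));
                    return;
                }
            }

            if(goHome) {
                UrlTools.Redirect(UrlTools.BuildUrl("Default.aspx"));
            }
        }

        /// <summary>
        /// Determines whether an absolute URL is an http/https URL on the same host as the current request.
        /// </summary>
        /// <param name="target">The candidate redirect URL.</param>
        /// <param name="currentUrl">The URL of the current request.</param>
        /// <returns><c>true</c> if the target parses as http/https and its host matches, <c>false</c> otherwise.</returns>
        private static bool IsSameHostUrl(string target, Uri currentUrl) {
            Uri parsed;
            if(currentUrl == null || !Uri.TryCreate(target, UriKind.Absolute, out parsed)) {
                return false;
            }

            bool isWebScheme = parsed.Scheme == Uri.UriSchemeHttp || parsed.Scheme == Uri.UriSchemeHttps;

            // Compare the parsed host, not a string prefix, so that user-info or
            // look-alike prefixes in the raw value cannot satisfy the check.
            return isWebScheme && string.Equals(parsed.Host, currentUrl.Host, StringComparison.OrdinalIgnoreCase);
        }

        /// <summary>
        /// Determines whether a value starts like a network-path reference
        /// (two leading slashes or backslashes), which browsers resolve to another host.
        /// </summary>
        /// <param name="target">The candidate redirect value.</param>
        /// <returns><c>true</c> if the value starts with two slash/backslash characters.</returns>
        private static bool IsNetworkPathReference(string target) {
            if(target.Length < 2) {
                return false;
            }

            bool firstIsSlash = target[0] == '/' || target[0] == '\\';
            bool secondIsSlash = target[1] == '/' || target[1] == '\\';
            return firstIsSlash && secondIsSlash;
        }

        /// <summary>
        /// Sets the login cookie.
        /// </summary>
        /// <remarks>
        /// The cookie carries the login key, so it is marked HttpOnly (not readable from
        /// client script) and, when the current request arrived over HTTPS, Secure (not
        /// sent over plain HTTP).
        /// </remarks>
        /// <param name="username">The username.</param>
        /// <param name="loginKey">The login key.</param>
        /// <param name="expiration">The expiration date/time.</param>
        public static void SetLoginCookie(string username, string loginKey, DateTime expiration) {
            HttpContext context = HttpContext.Current;

            HttpCookie cookie = new HttpCookie(Settings.LoginCookieName) {
                Expires = expiration,
                Path = Settings.CookiePath,
                HttpOnly = true,
                // Only set Secure on HTTPS requests so that plain-HTTP deployments keep working
                Secure = context.Request.IsSecureConnection
            };
            cookie.Values.Add(LoginKey, loginKey);
            cookie.Values.Add(Username, username);

            context.Response.Cookies.Add(cookie);
        }

        /// <summary>
        /// Verifies read permissions for the current user, redirecting to the appropriate page if no valid permissions are found:
        /// the login page (with a return URL) for anonymous users, the access-denied page otherwise.
        /// </summary>
        public static void VerifyReadPermissionsForCurrentNamespace() {
            string currentUsername = SessionFacade.GetCurrentUsername();
            string[] currentGroups = SessionFacade.GetCurrentGroupNames();

            bool canViewNamespace = AuthChecker.CheckActionForNamespace(
                Tools.DetectCurrentNamespaceInfo(),
                Actions.ForNamespaces.ReadPages,
                currentUsername,
                currentGroups);

            if(canViewNamespace) {
                return;
            }

            if(SessionFacade.CurrentUsername == null) {
                // Not logged in: send to the login page, carrying the current URL as return target
                UrlTools.Redirect("Login.aspx?Redirect=" + Tools.UrlEncode(Tools.GetCurrentUrlFixed()));
            }
            else {
                UrlTools.Redirect("AccessDenied.aspx");
            }
        }

    }

}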