DocSpace-buildtools/web/ASC.Web.Core/CookiesManager.cs

using Constants = ASC.Core.Users.Constants;

namespace ASC.Web.Core
{
    public enum CookiesType
    {
        AuthKey,
        SocketIO
    }

    [Scope]
    public class CookiesManager
    {
        private const string AuthCookiesName = "asc_auth_key";
        private const string SocketIOCookiesName = "socketio.sid";

        private IHttpContextAccessor HttpContextAccessor { get; }
        private UserManager UserManager { get; }
        private SecurityContext SecurityContext { get; }
        private TenantCookieSettingsHelper TenantCookieSettingsHelper { get; }
        private TenantManager TenantManager { get; }
        private CoreBaseSettings CoreBaseSettings { get; }

        public CookiesManager(
            IHttpContextAccessor httpContextAccessor,
            UserManager userManager,
            SecurityContext securityContext,
            TenantCookieSettingsHelper tenantCookieSettingsHelper,
            TenantManager tenantManager,
            CoreBaseSettings coreBaseSettings)
        {
            HttpContextAccessor = httpContextAccessor;
            UserManager = userManager;
            SecurityContext = securityContext;
            TenantCookieSettingsHelper = tenantCookieSettingsHelper;
            TenantManager = tenantManager;
            CoreBaseSettings = coreBaseSettings;
        }

        private static string GetCookiesName(CookiesType type)
        {
            return type switch
            {
                CookiesType.AuthKey => AuthCookiesName,
                CookiesType.SocketIO => SocketIOCookiesName,

                _ => string.Empty,
            };
        }

        public string GetRequestVar(CookiesType type)
        {
            if (HttpContextAccessor?.HttpContext == null) return "";

            var cookie = HttpContextAccessor.HttpContext.Request.Query[GetCookiesName(type)].FirstOrDefault() ?? HttpContextAccessor.HttpContext.Request.Form[GetCookiesName(type)].FirstOrDefault();

            return string.IsNullOrEmpty(cookie) ? GetCookies(type) : cookie;
        }

        public void SetCookies(CookiesType type, string value, bool session = false)
        {
            if (HttpContextAccessor?.HttpContext == null) return;

            var options = new CookieOptions
            {
                Expires = GetExpiresDate(session)
            };

            if (type == CookiesType.AuthKey)
            {
                options.HttpOnly = true;

                if (HttpContextAccessor.HttpContext.Request.GetUrlRewriter().Scheme == "https")
                {
                    options.Secure = true;

                    if (CoreBaseSettings.Personal)
                    {
                        options.SameSite = SameSiteMode.None;
                    }
                }
            }

            HttpContextAccessor.HttpContext.Response.Cookies.Append(GetCookiesName(type), value, options);
        }

        public void SetCookies(CookiesType type, string value, string domain, bool session = false)
        {
            if (HttpContextAccessor?.HttpContext == null) return;

            var options = new CookieOptions
            {
                Expires = GetExpiresDate(session),
                Domain = domain
            };

            if (type == CookiesType.AuthKey)
            {
                options.HttpOnly = true;

                if (HttpContextAccessor.HttpContext.Request.GetUrlRewriter().Scheme == "https")
                {
                    options.Secure = true;

                    if (CoreBaseSettings.Personal)
                    {
                        options.SameSite = SameSiteMode.None;
                    }
                }
            }

            HttpContextAccessor.HttpContext.Response.Cookies.Append(GetCookiesName(type), value, options);
        }

        public string GetCookies(CookiesType type)
        {
            if (HttpContextAccessor?.HttpContext != null)
            {
                var cookieName = GetCookiesName(type);

                if (HttpContextAccessor.HttpContext.Request.Cookies.ContainsKey(cookieName))
                    return HttpContextAccessor.HttpContext.Request.Cookies[cookieName] ?? "";
            }
            return "";
        }

        public void ClearCookies(CookiesType type)
        {
            if (HttpContextAccessor?.HttpContext == null) return;

            if (HttpContextAccessor.HttpContext.Request.Cookies.ContainsKey(GetCookiesName(type)))
            {
                HttpContextAccessor.HttpContext.Response.Cookies.Delete(GetCookiesName(type), new CookieOptions() { Expires = DateTime.Now.AddDays(-3) });
            }
        }

        private DateTime? GetExpiresDate(bool session)
        {
            DateTime? expires = null;

            if (!session)
            {
                var tenant = TenantManager.GetCurrentTenant().Id;
                expires = TenantCookieSettingsHelper.GetExpiresTime(tenant);
            }

            return expires;
        }

        public void SetLifeTime(int lifeTime)
        {
            var tenant = TenantManager.GetCurrentTenant();
            if (!UserManager.IsUserInGroup(SecurityContext.CurrentAccount.ID, Constants.GroupAdmin.ID))
            {
                throw new SecurityException();
            }

            var settings = TenantCookieSettingsHelper.GetForTenant(tenant.Id);

            if (lifeTime > 0)
            {
                settings.Index += 1;
                settings.LifeTime = lifeTime;
            }
            else
            {
                settings.LifeTime = 0;
            }

            TenantCookieSettingsHelper.SetForTenant(tenant.Id, settings);

            var cookie = SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount.ID);

            SetCookies(CookiesType.AuthKey, cookie);
        }

        public int GetLifeTime(int tenantId)
        {
            return TenantCookieSettingsHelper.GetForTenant(tenantId).LifeTime;
        }

        public void ResetUserCookie(Guid? userId = null)
        {
            var settings = TenantCookieSettingsHelper.GetForUser(userId ?? SecurityContext.CurrentAccount.ID);
            settings.Index += 1;
            TenantCookieSettingsHelper.SetForUser(userId ?? SecurityContext.CurrentAccount.ID, settings);

            if (!userId.HasValue)
            {
                var cookie = SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount.ID);

                SetCookies(CookiesType.AuthKey, cookie);
            }
        }

        public void ResetTenantCookie()
        {
            var tenant = TenantManager.GetCurrentTenant();

            if (!UserManager.IsUserInGroup(SecurityContext.CurrentAccount.ID, Constants.GroupAdmin.ID))
            {
                throw new SecurityException();
            }

            var settings = TenantCookieSettingsHelper.GetForTenant(tenant.Id);
            settings.Index += 1;
            TenantCookieSettingsHelper.SetForTenant(tenant.Id, settings);

            var cookie = SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount.ID);
            SetCookies(CookiesType.AuthKey, cookie);
        }
    }
}
refactoring: add globalusings: web.core 2022-01-31 08:30:08 +00:00			`using Constants = ASC.Core.Users.Constants;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
			`namespace ASC.Web.Core`
			`{`
			`public enum CookiesType`
			`{`
			`AuthKey,`
			`SocketIO`
			`}`

Scope: refactoring 2020-10-19 15:53:15 +00:00			`[Scope]`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public class CookiesManager`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
			`private const string AuthCookiesName = "asc_auth_key";`
			`private const string SocketIOCookiesName = "socketio.sid";`

private: firtst version 2020-08-12 09:58:08 +00:00			`private IHttpContextAccessor HttpContextAccessor { get; }`
			`private UserManager UserManager { get; }`
			`private SecurityContext SecurityContext { get; }`
			`private TenantCookieSettingsHelper TenantCookieSettingsHelper { get; }`
			`private TenantManager TenantManager { get; }`
ASC.Files.Thirdparty, ASC.Web.Core, ASC.ApiSystem: moved from 08a01422 2021-05-24 10:26:13 +00:00			`private CoreBaseSettings CoreBaseSettings { get; }`
DI: TenantManager 2019-09-17 08:07:46 +00:00
			`public CookiesManager(`
			`IHttpContextAccessor httpContextAccessor,`
			`UserManager userManager,`
			`SecurityContext securityContext,`
DI: refactoring. Extract settings helpers 2019-11-08 12:21:51 +00:00			`TenantCookieSettingsHelper tenantCookieSettingsHelper,`
ASC.Files.Thirdparty, ASC.Web.Core, ASC.ApiSystem: moved from 08a01422 2021-05-24 10:26:13 +00:00			`TenantManager tenantManager,`
			`CoreBaseSettings coreBaseSettings)`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`{`
			`HttpContextAccessor = httpContextAccessor;`
			`UserManager = userManager;`
			`SecurityContext = securityContext;`
DI: refactoring. Extract settings helpers 2019-11-08 12:21:51 +00:00			`TenantCookieSettingsHelper = tenantCookieSettingsHelper;`
DI: TenantManager 2019-09-17 08:07:46 +00:00			`TenantManager = tenantManager;`
ASC.Files.Thirdparty, ASC.Web.Core, ASC.ApiSystem: moved from 08a01422 2021-05-24 10:26:13 +00:00			`CoreBaseSettings = coreBaseSettings;`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`}`

Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`private static string GetCookiesName(CookiesType type)`
			`{`
IDE0066 2019-08-15 15:13:25 +00:00			`return type switch`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
IDE0066 2019-08-15 15:13:25 +00:00			`CookiesType.AuthKey => AuthCookiesName,`
			`CookiesType.SocketIO => SocketIOCookiesName,`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
IDE0066 2019-08-15 15:13:25 +00:00			`_ => string.Empty,`
			`};`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public string GetRequestVar(CookiesType type)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor?.HttpContext == null) return "";`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`var cookie = HttpContextAccessor.HttpContext.Request.Query[GetCookiesName(type)].FirstOrDefault() ?? HttpContextAccessor.HttpContext.Request.Form[GetCookiesName(type)].FirstOrDefault();`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`return string.IsNullOrEmpty(cookie) ? GetCookies(type) : cookie;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public void SetCookies(CookiesType type, string value, bool session = false)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor?.HttpContext == null) return;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`var options = new CookieOptions`
			`{`
			`Expires = GetExpiresDate(session)`
			`};`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`if (type == CookiesType.AuthKey)`
			`{`
			`options.HttpOnly = true;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor.HttpContext.Request.GetUrlRewriter().Scheme == "https")`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`{`
			`options.Secure = true;`
ASC.Files.Thirdparty, ASC.Web.Core, ASC.ApiSystem: moved from 08a01422 2021-05-24 10:26:13 +00:00
Personal: fix login 2021-06-03 09:34:28 +00:00			`if (CoreBaseSettings.Personal)`
			`{`
			`options.SameSite = SameSiteMode.None;`
			`}`
ASC.Files.Thirdparty, ASC.Web.Core, ASC.ApiSystem: moved from 08a01422 2021-05-24 10:26:13 +00:00			`}`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`HttpContextAccessor.HttpContext.Response.Cookies.Append(GetCookiesName(type), value, options);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public void SetCookies(CookiesType type, string value, string domain, bool session = false)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor?.HttpContext == null) return;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`var options = new CookieOptions`
			`{`
			`Expires = GetExpiresDate(session),`
			`Domain = domain`
			`};`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`if (type == CookiesType.AuthKey)`
			`{`
			`options.HttpOnly = true;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor.HttpContext.Request.GetUrlRewriter().Scheme == "https")`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`{`
			`options.Secure = true;`
ASC.Files.Thirdparty, ASC.Web.Core, ASC.ApiSystem: moved from 08a01422 2021-05-24 10:26:13 +00:00
Personal: fix login 2021-06-03 09:34:28 +00:00			`if (CoreBaseSettings.Personal)`
			`{`
			`options.SameSite = SameSiteMode.None;`
			`}`
ASC.Files.Thirdparty, ASC.Web.Core, ASC.ApiSystem: moved from 08a01422 2021-05-24 10:26:13 +00:00			`}`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`HttpContextAccessor.HttpContext.Response.Cookies.Append(GetCookiesName(type), value, options);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public string GetCookies(CookiesType type)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor?.HttpContext != null)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
			`var cookieName = GetCookiesName(type);`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor.HttpContext.Request.Cookies.ContainsKey(cookieName))`
			`return HttpContextAccessor.HttpContext.Request.Cookies[cookieName] ?? "";`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
			`return "";`
			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public void ClearCookies(CookiesType type)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor?.HttpContext == null) return;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`if (HttpContextAccessor.HttpContext.Request.Cookies.ContainsKey(GetCookiesName(type)))`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`{`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`HttpContextAccessor.HttpContext.Response.Cookies.Delete(GetCookiesName(type), new CookieOptions() { Expires = DateTime.Now.AddDays(-3) });`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

Core: fixed session 2021-11-30 19:16:23 +00:00			`private DateTime? GetExpiresDate(bool session)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
Core: fixed session 2021-11-30 19:16:23 +00:00			`DateTime? expires = null;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
			`if (!session)`
			`{`
Core: resolve properties for mapping, add mapping/projection 2022-02-15 10:30:05 +00:00			`var tenant = TenantManager.GetCurrentTenant().Id;`
DI: refactoring. Extract settings helpers 2019-11-08 12:21:51 +00:00			`expires = TenantCookieSettingsHelper.GetExpiresTime(tenant);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

			`return expires;`
			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public void SetLifeTime(int lifeTime)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
DI: TenantManager 2019-09-17 12:42:32 +00:00			`var tenant = TenantManager.GetCurrentTenant();`
revert f85711b7362a22ea46e243f34632c80b16840462 2019-09-12 11:34:58 +00:00			`if (!UserManager.IsUserInGroup(SecurityContext.CurrentAccount.ID, Constants.GroupAdmin.ID))`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
			`throw new SecurityException();`
			`}`

Core: resolve properties for mapping, add mapping/projection 2022-02-15 10:30:05 +00:00			`var settings = TenantCookieSettingsHelper.GetForTenant(tenant.Id);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
			`if (lifeTime > 0)`
			`{`
IDE0054, IDE0056, IDE0057, IDE1005 2019-08-15 14:48:55 +00:00			`settings.Index += 1;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`settings.LifeTime = lifeTime;`
			`}`
			`else`
			`{`
			`settings.LifeTime = 0;`
			`}`

Core: resolve properties for mapping, add mapping/projection 2022-02-15 10:30:05 +00:00			`TenantCookieSettingsHelper.SetForTenant(tenant.Id, settings);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
DI: refactoring 2019-09-20 15:53:27 +00:00			`var cookie = SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount.ID);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`SetCookies(CookiesType.AuthKey, cookie);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public int GetLifeTime(int tenantId)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
DI: refactoring. Extract settings helpers 2019-11-08 12:21:51 +00:00			`return TenantCookieSettingsHelper.GetForTenant(tenantId).LifeTime;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

DI: refactoring 2019-09-20 15:53:27 +00:00			`public void ResetUserCookie(Guid? userId = null)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
DI: refactoring. Extract settings helpers 2019-11-08 12:21:51 +00:00			`var settings = TenantCookieSettingsHelper.GetForUser(userId ?? SecurityContext.CurrentAccount.ID);`
IDE0054, IDE0056, IDE0057, IDE1005 2019-08-15 14:48:55 +00:00			`settings.Index += 1;`
DI: refactoring. Extract settings helpers 2019-11-08 12:21:51 +00:00			`TenantCookieSettingsHelper.SetForUser(userId ?? SecurityContext.CurrentAccount.ID, settings);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
			`if (!userId.HasValue)`
			`{`
DI: refactoring 2019-09-20 15:53:27 +00:00			`var cookie = SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount.ID);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`SetCookies(CookiesType.AuthKey, cookie);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
			`}`

Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`public void ResetTenantCookie()`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
DI: TenantManager 2019-09-17 12:42:32 +00:00			`var tenant = TenantManager.GetCurrentTenant();`
Optimization 2019-08-08 09:26:58 +00:00
revert f85711b7362a22ea46e243f34632c80b16840462 2019-09-12 11:34:58 +00:00			`if (!UserManager.IsUserInGroup(SecurityContext.CurrentAccount.ID, Constants.GroupAdmin.ID))`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
			`throw new SecurityException();`
			`}`

Core: resolve properties for mapping, add mapping/projection 2022-02-15 10:30:05 +00:00			`var settings = TenantCookieSettingsHelper.GetForTenant(tenant.Id);`
IDE0054, IDE0056, IDE0057, IDE1005 2019-08-15 14:48:55 +00:00			`settings.Index += 1;`
Core: resolve properties for mapping, add mapping/projection 2022-02-15 10:30:05 +00:00			`TenantCookieSettingsHelper.SetForTenant(tenant.Id, settings);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
DI: refactoring 2019-09-20 15:53:27 +00:00			`var cookie = SecurityContext.AuthenticateMe(SecurityContext.CurrentAccount.ID);`
Dependency injection Packages updated 2019-09-09 12:56:33 +00:00			`SetCookies(CookiesType.AuthKey, cookie);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
			`}`
			`}`