DocSpace-buildtools/web/ASC.Web.Core/CookiesManager.cs

// (c) Copyright Ascensio System SIA 2010-2022
//
// This program is a free software product.
// You can redistribute it and/or modify it under the terms
// of the GNU Affero General Public License (AGPL) version 3 as published by the Free Software
// Foundation. In accordance with Section 7(a) of the GNU AGPL its Section 15 shall be amended
// to the effect that Ascensio System SIA expressly excludes the warranty of non-infringement of
// any third-party rights.
//
// This program is distributed WITHOUT ANY WARRANTY, without even the implied warranty
// of MERCHANTABILITY or FITNESS FOR A PARTICULAR  PURPOSE. For details, see
// the GNU AGPL at: http://www.gnu.org/licenses/agpl-3.0.html
//
// You can contact Ascensio System SIA at Lubanas st. 125a-25, Riga, Latvia, EU, LV-1021.
//
// The  interactive user interfaces in modified source and object code versions of the Program must
// display Appropriate Legal Notices, as required under Section 5 of the GNU AGPL version 3.
//
// Pursuant to Section 7(b) of the License you must retain the original Product logo when
// distributing the program. Pursuant to Section 7(e) we decline to grant you any rights under
// trademark law for use of our trademarks.
//
// All the Product's GUI elements, including illustrations and icon sets, as well as technical writing
// content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0
// International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode

using ASC.Core.Data;

using Microsoft.Net.Http.Headers;

using Constants = ASC.Core.Users.Constants;

namespace ASC.Web.Core;

public enum CookiesType
{
    AuthKey,
    SocketIO
}

[Scope]
public class CookiesManager
{
    private const string AuthCookiesName = "asc_auth_key";
    private const string SocketIOCookiesName = "socketio.sid";

    private readonly IHttpContextAccessor _httpContextAccessor;
    private readonly UserManager _userManager;
    private readonly SecurityContext _securityContext;
    private readonly TenantCookieSettingsHelper _tenantCookieSettingsHelper;
    private readonly TenantManager _tenantManager;
    private readonly CoreBaseSettings _coreBaseSettings;
    private readonly DbLoginEventsManager _dbLoginEventsManager;
    private readonly MessageService _messageService;
    private readonly ILogger<CookiesManager> _logger;

    public CookiesManager(
        IHttpContextAccessor httpContextAccessor,
        UserManager userManager,
        SecurityContext securityContext,
        TenantCookieSettingsHelper tenantCookieSettingsHelper,
        TenantManager tenantManager,
        CoreBaseSettings coreBaseSettings,
        DbLoginEventsManager dbLoginEventsManager,
        MessageService messageService,
        ILogger<CookiesManager> logger)
    {
        _httpContextAccessor = httpContextAccessor;
        _userManager = userManager;
        _securityContext = securityContext;
        _tenantCookieSettingsHelper = tenantCookieSettingsHelper;
        _tenantManager = tenantManager;
        _coreBaseSettings = coreBaseSettings;
        _dbLoginEventsManager = dbLoginEventsManager;
        _messageService = messageService;
        _logger = logger;
    }

    public void SetCookies(CookiesType type, string value, bool session = false)
    {
        if (_httpContextAccessor?.HttpContext == null)
        {
            return;
        }

        var options = new CookieOptions
        {
            Expires = GetExpiresDate(session)
        };

        if (type == CookiesType.AuthKey)
        {
            options.HttpOnly = true;

            var urlRewriter = _httpContextAccessor.HttpContext.Request.GetUrlRewriter();
            if (urlRewriter.Scheme == "https")
            {
                options.Secure = true;
            }

            if (FromCors())
            {
                options.Domain = $".{_coreBaseSettings.Basedomain}";
            }
        }

        _httpContextAccessor.HttpContext.Response.Cookies.Append(GetCookiesName(type), value, options);
    }

    public string GetCookies(CookiesType type)
    {
        if (_httpContextAccessor?.HttpContext != null)
        {
            var cookieName = GetCookiesName(type);

            if (_httpContextAccessor.HttpContext.Request.Cookies.ContainsKey(cookieName))
            {
                return _httpContextAccessor.HttpContext.Request.Cookies[cookieName] ?? "";
            }
        }
        return "";
    }

    public void ClearCookies(CookiesType type)
    {
        if (_httpContextAccessor?.HttpContext == null)
        {
            return;
        }

        if (_httpContextAccessor.HttpContext.Request.Cookies.ContainsKey(GetCookiesName(type)))
        {
            _httpContextAccessor.HttpContext.Response.Cookies.Delete(GetCookiesName(type), new CookieOptions() { Expires = DateTime.Now.AddDays(-3) });
        }
    }

    private DateTime? GetExpiresDate(bool session)
    {
        DateTime? expires = null;

        if (!session)
        {
            var tenant = _tenantManager.GetCurrentTenant().Id;
            expires = _tenantCookieSettingsHelper.GetExpiresTime(tenant);
        }

        return expires;
    }

    public async Task SetLifeTime(int lifeTime)
    {
        var tenant = _tenantManager.GetCurrentTenant();
        if (!_userManager.IsUserInGroup(_securityContext.CurrentAccount.ID, Constants.GroupAdmin.ID))
        {
            throw new SecurityException();
        }

        var settings = _tenantCookieSettingsHelper.GetForTenant(tenant.Id);

        if (lifeTime > 0)
        {
            settings.Index += 1;
            settings.LifeTime = lifeTime;
        }
        else
        {
            settings.LifeTime = 0;
        }

        _tenantCookieSettingsHelper.SetForTenant(tenant.Id, settings);

        if (lifeTime > 0)
        {
            await _dbLoginEventsManager.LogOutAllActiveConnectionsForTenant(tenant.Id);
        }

        AuthenticateMeAndSetCookies(tenant.Id, _securityContext.CurrentAccount.ID, MessageAction.LoginSuccess);
    }

    public int GetLifeTime(int tenantId)
    {
        return _tenantCookieSettingsHelper.GetForTenant(tenantId).LifeTime;
    }

    public async Task ResetUserCookie(Guid? userId = null)
    {
        var currentUserId = _securityContext.CurrentAccount.ID;
        var tenant = _tenantManager.GetCurrentTenant().Id;
        var settings = _tenantCookieSettingsHelper.GetForUser(userId ?? currentUserId);
        settings.Index = settings.Index + 1;
        _tenantCookieSettingsHelper.SetForUser(userId ?? currentUserId, settings);

        await _dbLoginEventsManager.LogOutAllActiveConnections(tenant, userId ?? currentUserId);

        if (!userId.HasValue)
        {
            AuthenticateMeAndSetCookies(tenant, currentUserId, MessageAction.LoginSuccess);
        }
    }

    public async Task ResetTenantCookie()
    {
        var tenant = _tenantManager.GetCurrentTenant();

        if (!_userManager.IsUserInGroup(_securityContext.CurrentAccount.ID, Constants.GroupAdmin.ID))
        {
            throw new SecurityException();
        }

        var settings = _tenantCookieSettingsHelper.GetForTenant(tenant.Id);
        settings.Index += 1;
        _tenantCookieSettingsHelper.SetForTenant(tenant.Id, settings);

        await _dbLoginEventsManager.LogOutAllActiveConnectionsForTenant(tenant.Id);
    }

    public string AuthenticateMeAndSetCookies(int tenantId, Guid userId, MessageAction action, bool session = false)
    {
        var isSuccess = true;
        var cookies = string.Empty;
        Func<int> funcLoginEvent = () => { return GetLoginEventId(action); };

        try
        {
            cookies = _securityContext.AuthenticateMe(userId, funcLoginEvent);
        }
        catch (Exception)
        {
            isSuccess = false;
            throw;
        }
        finally
        {
            if (isSuccess)
            {
                SetCookies(CookiesType.AuthKey, cookies, session);
                _dbLoginEventsManager.ResetCache(tenantId, userId);
            }
        }

        return cookies;
    }

    public void AuthenticateMeAndSetCookies(string login, string passwordHash, MessageAction action, bool session = false)
    {
        var isSuccess = true;
        var cookies = string.Empty;
        Func<int> funcLoginEvent = () => { return GetLoginEventId(action); };

        try
        {
            cookies = _securityContext.AuthenticateMe(login, passwordHash, funcLoginEvent);
        }
        catch (Exception)
        {
            isSuccess = false;
            throw;
        }
        finally
        {
            if (isSuccess)
            {
                SetCookies(CookiesType.AuthKey, cookies, session);
                _dbLoginEventsManager.ResetCache();
            }
        }
    }

    public int GetLoginEventId(MessageAction action)
    {
        var tenantId = _tenantManager.GetCurrentTenant().Id;
        var userId = _securityContext.CurrentAccount.ID;
        var data = new MessageUserData(tenantId, userId);

        return _messageService.SendLoginMessage(data, action);
    }

    private string GetCookiesName(CookiesType type)
    {
        var result = type switch
        {
            CookiesType.AuthKey => AuthCookiesName,
            CookiesType.SocketIO => SocketIOCookiesName,

            _ => string.Empty,
        };

        if (FromCors())
        {
            var origin = _httpContextAccessor.HttpContext.Request.Headers[HeaderNames.Origin].FirstOrDefault();
            if (!string.IsNullOrEmpty(origin))
            {
                var originUri = new Uri(origin);
                result = $"{result}_{originUri.Host.Replace('.', '_')}";
            }
        }

        return result;
    }

    private bool FromCors()
    {
        var urlRewriter = _httpContextAccessor.HttpContext.Request.GetUrlRewriter();
        var origin = _httpContextAccessor.HttpContext.Request.Headers[HeaderNames.Origin].FirstOrDefault();
        var baseDomain = _coreBaseSettings.Basedomain;

        try
        {
            _logger.Debug($"baseDomain:{baseDomain}");
            _logger.Debug($"origin:{origin}");

            if (!string.IsNullOrEmpty(origin))
            {
                var originUri = new Uri(origin);

                _logger.Debug($"originHost:{originUri.Host}");
                _logger.Debug($"urlRewriter:{urlRewriter.Host}");

                if (!string.IsNullOrEmpty(baseDomain) &&
                urlRewriter.Host != originUri.Host &&
                originUri.Host.EndsWith(baseDomain))
                {
                    return true;
                }
            }
        }
        catch (Exception)
        {

        }

        return false;
    }
}
added new license headers 2022-03-15 18:00:53 +00:00			`// (c) Copyright Ascensio System SIA 2010-2022`
			`//`
			`// This program is a free software product.`
			`// You can redistribute it and/or modify it under the terms`
			`// of the GNU Affero General Public License (AGPL) version 3 as published by the Free Software`
			`// Foundation. In accordance with Section 7(a) of the GNU AGPL its Section 15 shall be amended`
			`// to the effect that Ascensio System SIA expressly excludes the warranty of non-infringement of`
			`// any third-party rights.`
			`//`
			`// This program is distributed WITHOUT ANY WARRANTY, without even the implied warranty`
			`// of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. For details, see`
			`// the GNU AGPL at: http://www.gnu.org/licenses/agpl-3.0.html`
			`//`
			`// You can contact Ascensio System SIA at Lubanas st. 125a-25, Riga, Latvia, EU, LV-1021.`
			`//`
			`// The interactive user interfaces in modified source and object code versions of the Program must`
			`// display Appropriate Legal Notices, as required under Section 5 of the GNU AGPL version 3.`
			`//`
			`// Pursuant to Section 7(b) of the License you must retain the original Product logo when`
			`// distributing the program. Pursuant to Section 7(e) we decline to grant you any rights under`
			`// trademark law for use of our trademarks.`
			`//`
			`// All the Product's GUI elements, including illustrations and icon sets, as well as technical writing`
			`// content are licensed under the terms of the Creative Commons Attribution-ShareAlike 4.0`
			`// International. See the License terms at http://creativecommons.org/licenses/by-sa/4.0/legalcode`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`using ASC.Core.Data;`

Core: cookie for origin 2022-11-18 10:20:50 +00:00			`using Microsoft.Net.Http.Headers;`

refactoring: add globalusings: web.core 2022-01-31 08:30:08 +00:00			`using Constants = ASC.Core.Users.Constants;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
IDE0161 2022-03-17 15:13:38 +00:00			`namespace ASC.Web.Core;`

			`public enum CookiesType`
			`{`
			`AuthKey,`
			`SocketIO`
			`}`

			`[Scope]`
			`public class CookiesManager`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
IDE1006 2022-03-25 16:26:06 +00:00			`private const string AuthCookiesName = "asc_auth_key";`
			`private const string SocketIOCookiesName = "socketio.sid";`
IDE0161 2022-03-17 15:13:38 +00:00
refactoring 2022-04-15 09:08:06 +00:00			`private readonly IHttpContextAccessor _httpContextAccessor;`
			`private readonly UserManager _userManager;`
			`private readonly SecurityContext _securityContext;`
			`private readonly TenantCookieSettingsHelper _tenantCookieSettingsHelper;`
			`private readonly TenantManager _tenantManager;`
			`private readonly CoreBaseSettings _coreBaseSettings;`
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`private readonly DbLoginEventsManager _dbLoginEventsManager;`
			`private readonly MessageService _messageService;`
logging 2022-11-18 12:12:36 +00:00			`private readonly ILogger<CookiesManager> _logger;`
IDE0161 2022-03-17 15:13:38 +00:00
			`public CookiesManager(`
			`IHttpContextAccessor httpContextAccessor,`
			`UserManager userManager,`
			`SecurityContext securityContext,`
			`TenantCookieSettingsHelper tenantCookieSettingsHelper,`
			`TenantManager tenantManager,`
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`CoreBaseSettings coreBaseSettings,`
			`DbLoginEventsManager dbLoginEventsManager,`
logging 2022-11-18 12:12:36 +00:00			`MessageService messageService,`
			`ILogger<CookiesManager> logger)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
refactoring 2022-04-15 09:08:06 +00:00			`_httpContextAccessor = httpContextAccessor;`
			`_userManager = userManager;`
			`_securityContext = securityContext;`
			`_tenantCookieSettingsHelper = tenantCookieSettingsHelper;`
			`_tenantManager = tenantManager;`
			`_coreBaseSettings = coreBaseSettings;`
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`_dbLoginEventsManager = dbLoginEventsManager;`
			`_messageService = messageService;`
logging 2022-11-18 12:12:36 +00:00			`_logger = logger;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

IDE0161 2022-03-17 15:13:38 +00:00			`public void SetCookies(CookiesType type, string value, bool session = false)`
			`{`
refactoring 2022-04-15 09:08:06 +00:00			`if (_httpContextAccessor?.HttpContext == null)`
IDE0161 2022-03-17 15:13:38 +00:00			`{`
			`return;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

IDE0161 2022-03-17 15:13:38 +00:00			`var options = new CookieOptions`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
IDE0161 2022-03-17 15:13:38 +00:00			`Expires = GetExpiresDate(session)`
			`};`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
IDE0161 2022-03-17 15:13:38 +00:00			`if (type == CookiesType.AuthKey)`
			`{`
			`options.HttpOnly = true;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Core: cookie for origin 2022-11-18 10:20:50 +00:00			`var urlRewriter = _httpContextAccessor.HttpContext.Request.GetUrlRewriter();`
			`if (urlRewriter.Scheme == "https")`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`{`
IDE0161 2022-03-17 15:13:38 +00:00			`options.Secure = true;`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
Core: cookie for origin 2022-11-18 10:20:50 +00:00			`if (FromCors())`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`{`
Core: cookie for origin 2022-11-18 10:20:50 +00:00			`options.Domain = $".{_coreBaseSettings.Basedomain}";`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

refactoring 2022-04-15 09:08:06 +00:00			`_httpContextAccessor.HttpContext.Response.Cookies.Append(GetCookiesName(type), value, options);`
IDE0161 2022-03-17 15:13:38 +00:00			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
IDE0161 2022-03-17 15:13:38 +00:00			`public string GetCookies(CookiesType type)`
			`{`
refactoring 2022-04-15 09:08:06 +00:00			`if (_httpContextAccessor?.HttpContext != null)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
IDE0161 2022-03-17 15:13:38 +00:00			`var cookieName = GetCookiesName(type);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
refactoring 2022-04-15 09:08:06 +00:00			`if (_httpContextAccessor.HttpContext.Request.Cookies.ContainsKey(cookieName))`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`{`
refactoring 2022-04-15 09:08:06 +00:00			`return _httpContextAccessor.HttpContext.Request.Cookies[cookieName] ?? "";`
Api: SetCookies. Searching dll and resources in valid path 2019-07-08 12:15:24 +00:00			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
IDE0161 2022-03-17 15:13:38 +00:00			`return "";`
			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
IDE0161 2022-03-17 15:13:38 +00:00			`public void ClearCookies(CookiesType type)`
			`{`
refactoring 2022-04-15 09:08:06 +00:00			`if (_httpContextAccessor?.HttpContext == null)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
IDE0161 2022-03-17 15:13:38 +00:00			`return;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

refactoring 2022-04-15 09:08:06 +00:00			`if (_httpContextAccessor.HttpContext.Request.Cookies.ContainsKey(GetCookiesName(type)))`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
refactoring 2022-04-15 09:08:06 +00:00			`_httpContextAccessor.HttpContext.Response.Cookies.Delete(GetCookiesName(type), new CookieOptions() { Expires = DateTime.Now.AddDays(-3) });`
IDE0161 2022-03-17 15:13:38 +00:00			`}`
			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
IDE0161 2022-03-17 15:13:38 +00:00			`private DateTime? GetExpiresDate(bool session)`
			`{`
			`DateTime? expires = null;`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
IDE0161 2022-03-17 15:13:38 +00:00			`if (!session)`
			`{`
refactoring 2022-04-15 09:08:06 +00:00			`var tenant = _tenantManager.GetCurrentTenant().Id;`
			`expires = _tenantCookieSettingsHelper.GetExpiresTime(tenant);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

IDE0161 2022-03-17 15:13:38 +00:00			`return expires;`
			`}`

moved from ddf515b8 2022-06-14 08:11:41 +00:00			`public async Task SetLifeTime(int lifeTime)`
IDE0161 2022-03-17 15:13:38 +00:00			`{`
refactoring 2022-04-15 09:08:06 +00:00			`var tenant = _tenantManager.GetCurrentTenant();`
			`if (!_userManager.IsUserInGroup(_securityContext.CurrentAccount.ID, Constants.GroupAdmin.ID))`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
IDE0161 2022-03-17 15:13:38 +00:00			`throw new SecurityException();`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`

refactoring 2022-04-15 09:08:06 +00:00			`var settings = _tenantCookieSettingsHelper.GetForTenant(tenant.Id);`
IDE0161 2022-03-17 15:13:38 +00:00
			`if (lifeTime > 0)`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`{`
IDE0054, IDE0056, IDE0057, IDE1005 2019-08-15 14:48:55 +00:00			`settings.Index += 1;`
IDE0161 2022-03-17 15:13:38 +00:00			`settings.LifeTime = lifeTime;`
			`}`
			`else`
			`{`
			`settings.LifeTime = 0;`
			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
refactoring 2022-04-15 09:08:06 +00:00			`_tenantCookieSettingsHelper.SetForTenant(tenant.Id, settings);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`if (lifeTime > 0)`
			`{`
			`await _dbLoginEventsManager.LogOutAllActiveConnectionsForTenant(tenant.Id);`
			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`AuthenticateMeAndSetCookies(tenant.Id, _securityContext.CurrentAccount.ID, MessageAction.LoginSuccess);`
IDE0161 2022-03-17 15:13:38 +00:00			`}`
Optimization 2019-08-08 09:26:58 +00:00
IDE0161 2022-03-17 15:13:38 +00:00			`public int GetLifeTime(int tenantId)`
			`{`
refactoring 2022-04-15 09:08:06 +00:00			`return _tenantCookieSettingsHelper.GetForTenant(tenantId).LifeTime;`
IDE0161 2022-03-17 15:13:38 +00:00			`}`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`public async Task ResetUserCookie(Guid? userId = null)`
IDE0161 2022-03-17 15:13:38 +00:00			`{`
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`var currentUserId = _securityContext.CurrentAccount.ID;`
			`var tenant = _tenantManager.GetCurrentTenant().Id;`
			`var settings = _tenantCookieSettingsHelper.GetForUser(userId ?? currentUserId);`
			`settings.Index = settings.Index + 1;`
			`_tenantCookieSettingsHelper.SetForUser(userId ?? currentUserId, settings);`

			`await _dbLoginEventsManager.LogOutAllActiveConnections(tenant, userId ?? currentUserId);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00
IDE0161 2022-03-17 15:13:38 +00:00			`if (!userId.HasValue)`
			`{`
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`AuthenticateMeAndSetCookies(tenant, currentUserId, MessageAction.LoginSuccess);`
Added ASC.Web.Core 2019-06-07 08:59:07 +00:00			`}`
			`}`
IDE0161 2022-03-17 15:13:38 +00:00
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`public async Task ResetTenantCookie()`
IDE0161 2022-03-17 15:13:38 +00:00			`{`
refactoring 2022-04-15 09:08:06 +00:00			`var tenant = _tenantManager.GetCurrentTenant();`
IDE0161 2022-03-17 15:13:38 +00:00
refactoring 2022-04-15 09:08:06 +00:00			`if (!_userManager.IsUserInGroup(_securityContext.CurrentAccount.ID, Constants.GroupAdmin.ID))`
IDE0161 2022-03-17 15:13:38 +00:00			`{`
			`throw new SecurityException();`
			`}`

refactoring 2022-04-15 09:08:06 +00:00			`var settings = _tenantCookieSettingsHelper.GetForTenant(tenant.Id);`
IDE0161 2022-03-17 15:13:38 +00:00			`settings.Index += 1;`
refactoring 2022-04-15 09:08:06 +00:00			`_tenantCookieSettingsHelper.SetForTenant(tenant.Id, settings);`
IDE0161 2022-03-17 15:13:38 +00:00
moved from ddf515b8 2022-06-14 08:11:41 +00:00			`await _dbLoginEventsManager.LogOutAllActiveConnectionsForTenant(tenant.Id);`
			`}`

			`public string AuthenticateMeAndSetCookies(int tenantId, Guid userId, MessageAction action, bool session = false)`
			`{`
			`var isSuccess = true;`
			`var cookies = string.Empty;`
			`Func<int> funcLoginEvent = () => { return GetLoginEventId(action); };`

			`try`
			`{`
			`cookies = _securityContext.AuthenticateMe(userId, funcLoginEvent);`
			`}`
			`catch (Exception)`
			`{`
			`isSuccess = false;`
			`throw;`
			`}`
			`finally`
			`{`
			`if (isSuccess)`
			`{`
			`SetCookies(CookiesType.AuthKey, cookies, session);`
			`_dbLoginEventsManager.ResetCache(tenantId, userId);`
			`}`
			`}`

			`return cookies;`
			`}`

			`public void AuthenticateMeAndSetCookies(string login, string passwordHash, MessageAction action, bool session = false)`
			`{`
			`var isSuccess = true;`
			`var cookies = string.Empty;`
			`Func<int> funcLoginEvent = () => { return GetLoginEventId(action); };`

			`try`
			`{`
			`cookies = _securityContext.AuthenticateMe(login, passwordHash, funcLoginEvent);`
			`}`
			`catch (Exception)`
			`{`
			`isSuccess = false;`
			`throw;`
			`}`
			`finally`
			`{`
			`if (isSuccess)`
			`{`
			`SetCookies(CookiesType.AuthKey, cookies, session);`
			`_dbLoginEventsManager.ResetCache();`
			`}`
			`}`
			`}`

			`public int GetLoginEventId(MessageAction action)`
			`{`
			`var tenantId = _tenantManager.GetCurrentTenant().Id;`
			`var userId = _securityContext.CurrentAccount.ID;`
			`var data = new MessageUserData(tenantId, userId);`

			`return _messageService.SendLoginMessage(data, action);`
IDE0161 2022-03-17 15:13:38 +00:00			`}`
Core: cookie for origin 2022-11-18 10:20:50 +00:00
			`private string GetCookiesName(CookiesType type)`
			`{`
			`var result = type switch`
			`{`
			`CookiesType.AuthKey => AuthCookiesName,`
			`CookiesType.SocketIO => SocketIOCookiesName,`

			`_ => string.Empty,`
			`};`

			`if (FromCors())`
			`{`
			`var origin = _httpContextAccessor.HttpContext.Request.Headers[HeaderNames.Origin].FirstOrDefault();`
			`if (!string.IsNullOrEmpty(origin))`
			`{`
			`var originUri = new Uri(origin);`
			`result = $"{result}_{originUri.Host.Replace('.', '_')}";`
			`}`
			`}`

			`return result;`
			`}`

			`private bool FromCors()`
			`{`
			`var urlRewriter = _httpContextAccessor.HttpContext.Request.GetUrlRewriter();`
			`var origin = _httpContextAccessor.HttpContext.Request.Headers[HeaderNames.Origin].FirstOrDefault();`
			`var baseDomain = _coreBaseSettings.Basedomain;`

			`try`
			`{`
logging 2022-11-18 12:12:36 +00:00			`_logger.Debug($"baseDomain:{baseDomain}");`
			`_logger.Debug($"origin:{origin}");`

Core: cookie for origin 2022-11-18 10:20:50 +00:00			`if (!string.IsNullOrEmpty(origin))`
			`{`
			`var originUri = new Uri(origin);`
logging 2022-11-18 12:12:36 +00:00
			`_logger.Debug($"originHost:{originUri.Host}");`
			`_logger.Debug($"urlRewriter:{urlRewriter.Host}");`

Core: cookie for origin 2022-11-18 10:20:50 +00:00			`if (!string.IsNullOrEmpty(baseDomain) &&`
			`urlRewriter.Host != originUri.Host &&`
			`originUri.Host.EndsWith(baseDomain))`
			`{`
			`return true;`
			`}`
			`}`
			`}`
			`catch (Exception)`
			`{`

			`}`

			`return false;`
			`}`
IDE0161 2022-03-17 15:13:38 +00:00			`}`