pavelbannov
68483bc979
# Conflicts: # common/ASC.FederatedLogin/LoginProviders/BoxLoginProvider.cs # common/ASC.FederatedLogin/LoginProviders/DocuSignLoginProvider.cs # common/ASC.FederatedLogin/LoginProviders/DropboxLoginProvider.cs # common/ASC.FederatedLogin/LoginProviders/GoogleLoginProvider.cs # common/ASC.FederatedLogin/LoginProviders/OneDriveLoginProvider.cs # web/ASC.Web.Api/Controllers/PortalController.cs # web/ASC.Web.Api/Startup.cs
164 lines
5.2 KiB
C#
164 lines
5.2 KiB
C#
using System;
|
|
|
|
using ASC.Common;
|
|
using ASC.Core;
|
|
using ASC.Core.Tenants;
|
|
using ASC.Core.Users;
|
|
using ASC.Security.Cryptography;
|
|
using ASC.Web.Api.Models;
|
|
using ASC.Web.Api.Routing;
|
|
using ASC.Web.Core;
|
|
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
using static ASC.Security.Cryptography.EmailValidationKeyProvider;
|
|
|
|
namespace ASC.Web.Api.Controllers
|
|
{
|
|
[Scope]
|
|
[DefaultRoute]
|
|
[ApiController]
|
|
[AllowAnonymous]
|
|
public class AuthenticationController : ControllerBase
|
|
{
|
|
private UserManager UserManager { get; }
|
|
private TenantManager TenantManager { get; }
|
|
private SecurityContext SecurityContext { get; }
|
|
private TenantCookieSettingsHelper TenantCookieSettingsHelper { get; }
|
|
private CookiesManager CookiesManager { get; }
|
|
public PasswordHasher PasswordHasher { get; }
|
|
public EmailValidationKeyModelHelper EmailValidationKeyModelHelper { get; }
|
|
|
|
public AuthenticationController(
|
|
UserManager userManager,
|
|
TenantManager tenantManager,
|
|
SecurityContext securityContext,
|
|
TenantCookieSettingsHelper tenantCookieSettingsHelper,
|
|
CookiesManager cookiesManager,
|
|
PasswordHasher passwordHasher,
|
|
EmailValidationKeyModelHelper emailValidationKeyModelHelper)
|
|
{
|
|
UserManager = userManager;
|
|
TenantManager = tenantManager;
|
|
SecurityContext = securityContext;
|
|
TenantCookieSettingsHelper = tenantCookieSettingsHelper;
|
|
CookiesManager = cookiesManager;
|
|
PasswordHasher = passwordHasher;
|
|
EmailValidationKeyModelHelper = emailValidationKeyModelHelper;
|
|
}
|
|
|
|
[Create(false)]
|
|
public AuthenticationTokenData AuthenticateMeFromBody([FromBody] AuthModel auth)
|
|
{
|
|
return AuthenticateMe(auth);
|
|
}
|
|
|
|
[Create(false)]
|
|
[Consumes("application/x-www-form-urlencoded")]
|
|
public AuthenticationTokenData AuthenticateMeFromForm([FromForm] AuthModel auth)
|
|
{
|
|
return AuthenticateMe(auth);
|
|
}
|
|
|
|
private AuthenticationTokenData AuthenticateMe(AuthModel auth)
|
|
{
|
|
var tenant = TenantManager.GetCurrentTenant();
|
|
var user = GetUser(tenant.TenantId, auth);
|
|
|
|
try
|
|
{
|
|
var token = SecurityContext.AuthenticateMe(user.ID);
|
|
CookiesManager.SetCookies(CookiesType.AuthKey, token);
|
|
var expires = TenantCookieSettingsHelper.GetExpiresTime(tenant.TenantId);
|
|
|
|
return new AuthenticationTokenData
|
|
{
|
|
Token = token,
|
|
Expires = expires
|
|
};
|
|
}
|
|
catch
|
|
{
|
|
throw new Exception("User authentication failed");
|
|
}
|
|
}
|
|
|
|
[Create("logout")]
|
|
public void Logout()
|
|
{
|
|
CookiesManager.ClearCookies(CookiesType.AuthKey);
|
|
CookiesManager.ClearCookies(CookiesType.SocketIO);
|
|
}
|
|
|
|
[AllowAnonymous]
|
|
[Create("confirm", false)]
|
|
public ValidationResult CheckConfirmFromBody([FromBody] EmailValidationKeyModel model)
|
|
{
|
|
return EmailValidationKeyModelHelper.Validate(model);
|
|
}
|
|
|
|
[AllowAnonymous]
|
|
[Create("confirm", false)]
|
|
[Consumes("application/x-www-form-urlencoded")]
|
|
public ValidationResult CheckConfirmFromForm([FromForm] EmailValidationKeyModel model)
|
|
{
|
|
return EmailValidationKeyModelHelper.Validate(model);
|
|
}
|
|
|
|
private UserInfo GetUser(int tenantId, AuthModel memberModel)
|
|
{
|
|
memberModel.PasswordHash = (memberModel.PasswordHash ?? "").Trim();
|
|
|
|
if (string.IsNullOrEmpty(memberModel.PasswordHash))
|
|
{
|
|
memberModel.Password = (memberModel.Password ?? "").Trim();
|
|
|
|
if (!string.IsNullOrEmpty(memberModel.Password))
|
|
{
|
|
memberModel.PasswordHash = PasswordHasher.GetClientPassword(memberModel.Password);
|
|
}
|
|
}
|
|
|
|
var user = UserManager.GetUsersByPasswordHash(
|
|
tenantId,
|
|
memberModel.UserName,
|
|
memberModel.PasswordHash);
|
|
|
|
if (user == null || !UserManager.UserExists(user))
|
|
{
|
|
throw new Exception("user not found");
|
|
}
|
|
|
|
return user;
|
|
}
|
|
}
|
|
|
|
public class AuthenticationTokenData
|
|
{
|
|
public string Token { get; set; }
|
|
|
|
public DateTime Expires { get; set; }
|
|
|
|
public bool Sms { get; set; }
|
|
|
|
public string PhoneNoise { get; set; }
|
|
|
|
public bool Tfa { get; set; }
|
|
|
|
public string TfaKey { get; set; }
|
|
|
|
public static AuthenticationTokenData GetSample()
|
|
{
|
|
return new AuthenticationTokenData
|
|
{
|
|
Expires = DateTime.UtcNow,
|
|
Token = "abcde12345",
|
|
Sms = false,
|
|
PhoneNoise = null,
|
|
Tfa = false,
|
|
TfaKey = null
|
|
};
|
|
}
|
|
}
|
|
} |