Last active
January 16, 2018 11:24
Draft of an idea to enable better auth cookie management in Orchard CMS
using System; | |
using System.Web; | |
using System.Web.Security; | |
using Orchard.Environment.Configuration; | |
using Orchard.Logging; | |
using Orchard.Mvc; | |
using Orchard.Mvc.Extensions; | |
using Orchard.Services; | |
using Orchard.Utility.Extensions; | |
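namespace Orchard.Security.Providers {
    /// <summary>
    /// Forms-authentication implementation of <see cref="IAuthenticationService"/>. It caches the
    /// resolved user in instance fields and delegates creating, reading and invalidating the
    /// authentication cookie to an <see cref="IAuthCookieManager"/>.
    /// </summary>
    /// <remarks>
    /// The cookie's content, lifetime and flags are decided entirely by the injected
    /// <see cref="IAuthCookieManager"/>; nothing in this class inspects the cookie itself.
    /// NOTE(review): the cached state lives as long as this instance does; presumably the
    /// service is resolved once per request, confirm against the container registration.
    /// </remarks>
    public class FormsAuthenticationService : IAuthenticationService {
        // NOTE(review): _cookieVersion, _settings, _clock, _membershipService,
        // _httpContextAccessor and _sslSettingsProvider are not read anywhere in this class.
        // They look like leftovers from building the cookie here; the constructor still
        // accepts them so existing registrations keep working.
        private const int _cookieVersion = 3;
        private readonly ShellSettings _settings;
        private readonly IClock _clock;
        private readonly IMembershipService _membershipService;
        private readonly IHttpContextAccessor _httpContextAccessor;
        private readonly ISslSettingsProvider _sslSettingsProvider;
        private readonly IMembershipValidationService _membershipValidationService;
        private readonly IAuthCookieManager _authCookieManager;

        // Cached result of the last successful sign-in or cookie resolution.
        private IUser _signedInUser;
        private bool _isAuthenticated;

        // This fixes a performance issue when the forms authentication cookie is set to a
        // user name not mapped to an actual Orchard user content item. If the request is
        // authenticated but a null user is returned, multiple calls to GetAuthenticatedUser
        // will cause multiple DB invocations, slowing down the request. We therefore
        // remember if the current user is a non-Orchard user between invocations.
        private bool _isNonOrchardUser;

        /// <summary>
        /// Stores the injected services and sets the defaults: a null logger and a
        /// 30-day <see cref="ExpirationTimeSpan"/>.
        /// </summary>
        public FormsAuthenticationService(
            ShellSettings settings,
            IClock clock,
            IMembershipService membershipService,
            IHttpContextAccessor httpContextAccessor,
            ISslSettingsProvider sslSettingsProvider,
            IMembershipValidationService membershipValidationService,
            IAuthCookieManager authCookieManager) {
            _settings = settings;
            _clock = clock;
            _membershipService = membershipService;
            _httpContextAccessor = httpContextAccessor;
            _sslSettingsProvider = sslSettingsProvider;
            _membershipValidationService = membershipValidationService;
            _authCookieManager = authCookieManager;

            Logger = NullLogger.Instance;
            ExpirationTimeSpan = TimeSpan.FromDays(30);
        }

        /// <summary>Logger for this service; defaults to <see cref="NullLogger.Instance"/>.</summary>
        public ILogger Logger { get; set; }

        /// <summary>
        /// Defaults to 30 days. This class never reads the value.
        /// NOTE(review): cookie lifetime is presumably decided by the IAuthCookieManager now;
        /// confirm that a value configured here is still honoured somewhere.
        /// </summary>
        public TimeSpan ExpirationTimeSpan { get; set; }

        /// <summary>
        /// Asks the cookie manager to issue an authentication cookie for <paramref name="user"/>
        /// and caches that user as the authenticated one.
        /// </summary>
        /// <param name="user">The user to sign in.</param>
        /// <param name="createPersistentCookie">Passed through unchanged to the cookie manager.</param>
        public void SignIn(IUser user, bool createPersistentCookie) {
            _authCookieManager.CreateAndAddCookie(user, createPersistentCookie);

            _signedInUser = user;
            _isAuthenticated = true;
            _isNonOrchardUser = false;
        }

        /// <summary>
        /// Clears the cached user, signs out of forms authentication and asks the cookie
        /// manager to invalidate its cookie.
        /// </summary>
        public void SignOut() {
            _signedInUser = null;
            _isAuthenticated = false;

            // NOTE(review): with the cache cleared and _isNonOrchardUser left as it was, a later
            // GetAuthenticatedUser call on this instance consults the cookie manager again.
            // Whether that can still resolve the user from the cookie that arrived with the
            // request depends on the IAuthCookieManager implementation; confirm that sign-out
            // holds for the rest of the request.
            FormsAuthentication.SignOut();
            _authCookieManager.InvalidateCookie();
        }

        /// <summary>
        /// Makes <paramref name="user"/> the authenticated user of this instance without
        /// touching any cookie.
        /// </summary>
        /// <remarks>
        /// No credential or cookie check happens here: the caller is responsible for having
        /// authenticated <paramref name="user"/> before calling this.
        /// </remarks>
        public void SetAuthenticatedUserForRequest(IUser user) {
            _signedInUser = user;
            _isAuthenticated = true;
            _isNonOrchardUser = false;
        }

        /// <summary>
        /// Returns the authenticated user, resolving it through the cookie manager on first use
        /// and caching the outcome (positive or negative) for later calls.
        /// </summary>
        /// <returns>
        /// The authenticated user, or null when no user could be resolved or the membership
        /// validation service refuses cookie authentication for the resolved user.
        /// </returns>
        public IUser GetAuthenticatedUser() {
            if (_isNonOrchardUser) {
                return null;
            }

            if (_signedInUser != null || _isAuthenticated) {
                return _signedInUser;
            }

            // Keep the candidate in a local until it has passed validation. Writing it to
            // _signedInUser first would leave an unvalidated user cached if
            // CanAuthenticateWithCookie threw, and the next call would hand it out through the
            // "_signedInUser != null" shortcut above. A rejected user is also no longer kept
            // in the field behind the _isNonOrchardUser flag.
            var candidate = _authCookieManager.GetAuthenticatedUser();
            if (candidate == null || !_membershipValidationService.CanAuthenticateWithCookie(candidate)) {
                _isNonOrchardUser = true;
                return null;
            }

            _signedInUser = candidate;
            _isAuthenticated = true;
            return _signedInUser;
        }
    }
}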