
using System;
using System.Linq;
using System.Net;
using System.Web.Mvc;
using Kreta.Enums.ManualEnums;
using Kreta.Framework;
using Kreta.Web.Areas.Adminisztracio.Controllers;
using Kreta.Web.Classes;
using Kreta.Web.Configuration;
using Kreta.Web.Controllers;
using Kreta.Web.Controllers.Logic;
namespace Kreta.Web.Security
{
public class MvcSessionAuthorizeAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Authorizes an MVC request against the server-side session instead of the standard
    /// role/user check: the organization named in the URL must exist, login and anonymous
    /// routes are passed through, and every other route requires an authenticated claim whose
    /// session is still alive. A failed check sets <see cref="AuthorizationContext.Result"/>
    /// (401 for AJAX, a custom status for mobile clients, otherwise a redirect to the login entry).
    /// Note: <c>base.OnAuthorization</c> is not invoked, so the Users/Roles properties of
    /// <see cref="AuthorizeAttribute"/> are not enforced by this filter.
    /// </summary>
    /// <param name="filterContext">Authorization context of the current request.</param>
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (SkipExistsOrganization(filterContext) || SkipAuthorization(filterContext))
        {
            return;
        }

        if (AuthorizeSessionVariables())
        {
            // The remaining-time poll must not extend the session it is measuring.
            bool isRemainingTimePoll = filterContext.Controller is LayoutController
                && filterContext.ActionDescriptor.ActionName.Equals("GetRemainingTime");
            if (!isRemainingTimePoll)
            {
                SessionHandler.UpdateSessionTime();
            }
            return;
        }

        // No valid session: pick the failure response by client type.
        var request = filterContext.HttpContext.Request;
        if (request.IsAjaxRequest())
        {
            filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
            // Keep the 401 as-is; a forms-auth redirect would hand HTML to an XHR caller.
            filterContext.HttpContext.Response.SuppressFormsAuthenticationRedirect = true;
            return;
        }

        if (request.Headers.AllKeys.Contains(Enums.ManualEnums.KliensTipusEnum.Mobile.ToString()))
        {
            filterContext.Result = new HttpStatusCodeResult((int)CustomHTTPStatusEnum.NincsBelepve);
            return;
        }

        var url = new UrlHelper(filterContext.RequestContext);
        var idpConfiguration = DependencyResolver.Current.GetService<IIdpConfiguration>();
        if (idpConfiguration.LoginEnabled)
        {
            // IdP login: drop the stale local login before sending the browser to the landing page.
            MasterLayoutLogic.LogOut();
            filterContext.Result = new RedirectResult(url.Action("Index", "Home", new { area = string.Empty }));
        }
        else
        {
            filterContext.Result = new RedirectResult(url.Action("Index", "Login", new { area = "Adminisztracio" }));
        }
    }

    /// <summary>
    /// True when the current claim is authenticated and its session id is still alive on the server.
    /// </summary>
    private bool AuthorizeSessionVariables()
        => ClaimData.IsAuthenticated
           && SDAServer.Instance.SessionManager.IsSessionAlive(ClaimData.SessionId);

    /// <summary>
    /// Decides whether the session check is bypassed for this route: the login entry action
    /// (Home/Index with IdP login, Login/Index otherwise), actions marked
    /// <see cref="AllowAnonymousAttribute"/>, and MvcSiteMapProvider's internal requests.
    /// </summary>
    /// <param name="filterContext">Authorization context of the current request.</param>
    /// <returns><c>true</c> when authorization is skipped for the route.</returns>
    private bool SkipAuthorization(AuthorizationContext filterContext)
    {
        var idpConfiguration = DependencyResolver.Current.GetService<IIdpConfiguration>();
        if (idpConfiguration.LoginEnabled)
        {
            if (filterContext.Controller is HomeController
                && filterContext.ActionDescriptor.ActionName.Equals("Index"))
            {
                // An authenticated claim whose session has expired must not be treated as a
                // public landing-page visit; returning false lets the session check fail it.
                bool staleSession = ClaimData.IsAuthenticated
                    && !SDAServer.Instance.SessionManager.IsSessionAlive(ClaimData.SessionId);
                return !staleSession;
            }
        }
        else if (filterContext.Controller is LoginController
            && filterContext.ActionDescriptor.ActionName.Equals("Index"))
        {
            return true;
        }

        return IsAllowAnonymous(filterContext) || IsMvcSiteMapCalls(filterContext);
    }

    /// <summary>
    /// True when the action or its controller carries <see cref="AllowAnonymousAttribute"/> (inherited included).
    /// </summary>
    private static bool IsAllowAnonymous(AuthorizationContext filterContext)
        => filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true)
           || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), inherit: true);

    /// <summary>
    /// True when the request is MvcSiteMapProvider's synthetic request used to build the site map.
    /// </summary>
    private static bool IsMvcSiteMapCalls(AuthorizationContext filterContext)
        => filterContext.HttpContext.Request is MvcSiteMapProvider.Web.Mvc.SiteMapHttpRequest;

    /// <summary>
    /// Verifies that the organization identifier given in the URL exists. If it does not, that is an
    /// error and the request must not be redirected to the login page either: an exception is thrown
    /// unless the error page ("HibaOldal") itself is being requested.
    /// </summary>
    /// <param name="filterContext">Authorization context of the current request.</param>
    /// <returns>Always <c>false</c>; when no exception is thrown, authorization continues normally.</returns>
    /// <exception cref="InvalidConfigurationException">The organization identifier is unknown.</exception>
    private static bool SkipExistsOrganization(AuthorizationContext filterContext)
    {
        var knownOrganizations = KretaServer.KretaServer.Instance.GetOsszesIntezmeny();
        bool organizationExists = knownOrganizations.Contains(
            LoginManager.OrganizationIdentifier,
            StringComparer.InvariantCultureIgnoreCase);

        if (!organizationExists)
        {
            string controllerName = filterContext.RequestContext.RouteData.Values["controller"].ToString();
            if (controllerName != "HibaOldal")
            {
                throw new InvalidConfigurationException($"Az intézmény nem létezik: {LoginManager.OrganizationIdentifier}");
            }
        }

        return false;
    }
}
}