26ff8d9b4f
Set up repository with legacy .NET Framework 4.8 source (OLD/), new .NET 10 Blazor solution (NEW/), OpenSpec specifications, documentation, and project configuration.
using System;
using System.Security.Claims;
using System.Web;
using System.Web.Configuration;
using System.Web.Mvc;
using DataModel.Models;
using Microsoft.AspNet.Identity;
using Microsoft.Owin.Security;
using WebInterface.Helpers;
using WebInterface.Models;
using WebInterface.Security;
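namespace WebInterface.Controllers
{
    /// <summary>
    /// Account / control management controller.
    /// Handles LDAP-backed sign-in, sign-out and the "not authorized" page.
    /// </summary>
    public class AccountController : CrudController
    {
        /// <summary>
        /// Shows the login form.
        /// </summary>
        /// <param name="ReturnUrl">URL the user asked for before being sent to the login page (request-supplied, untrusted).</param>
        /// <returns>The login view, pre-populated with a validated post-login redirect target.</returns>
        // GET: Account/Login
        [AllowAnonymous]
        public ActionResult Login(string ReturnUrl)
        {
            LogonRequest logonRequest = new LogonRequest()
            {
                // ReturnUrl comes straight from the query string; only keep it when it is local to this site.
                RedirectURL = ResolveLocalRedirect(ReturnUrl)
            };

            return View(logonRequest);
        }

        /// <summary>
        /// Authenticates the posted credentials against the configured LDAP server(s), checks
        /// group membership, signs the user in through OWIN and redirects to the requested page.
        /// </summary>
        /// <param name="logonRequest">Posted user name, password and redirect target (all untrusted input).</param>
        /// <returns>A redirect on success; the login view with a model error on failure.</returns>
        // POST: Account/Login
        // NOTE(security): this action carries no [ValidateAntiForgeryToken]. Adding it also requires
        // @Html.AntiForgeryToken() in the login view, which is not visible here -- confirm and add both.
        // NOTE(security): no attempt throttling is visible in this action; confirm that lockout is
        // enforced by the directory or by infrastructure in front of the application.
        [AllowAnonymous]
        [HttpPost]
        public ActionResult Login([Bind(Include = "UserName,Password,RedirectURL")] LogonRequest logonRequest)
        {
            try
            {
                //Validate request before continuing
                if (string.IsNullOrEmpty(logonRequest.UserName) || string.IsNullOrEmpty(logonRequest.Password))
                {
                    return LoginFailed(logonRequest, "Invalid username or password entered");
                }

                //Lookup LDAP URL setting
                string ldapURL = WebConfigurationManager.AppSettings["LDAPUrl"];
                if (string.IsNullOrEmpty(ldapURL))
                {
                    // Deployment error: goes to the log via the catch block, not to the anonymous caller.
                    throw new InvalidOperationException("LDAP URL not set in web.config file.");
                }

                //Authenticate against LDAP server (setting may hold several URLs separated by ';')
                // NOTE(review): presumably LDAPHelper escapes the user name before using it in any
                // LDAP filter or DN -- verify in LDAPHelper, the helper is not shown on this page.
                string serverURL = null;
                foreach (string url in ldapURL.Split(new[] { ";" }, StringSplitOptions.RemoveEmptyEntries))
                {
                    if (LDAPHelper.Authenticate(logonRequest.UserName, logonRequest.Password, url))
                    {
                        // Remember which server accepted the bind; later lookups use the same one.
                        serverURL = url;
                        break;
                    }
                }
                if (serverURL == null)
                {
                    return LoginFailed(logonRequest, "Incorrect username or password entered");
                }

                //Verify user is in group
                // NOTE(security): the hard-coded account below skips the group-membership check.
                // An authorization exemption baked into source is invisible to directory administrators
                // and survives group changes; it should be removed in favour of real group membership.
                // Ordinal comparison is used because the user name is an identifier, not linguistic text.
                // NOTE(review): behaviour of IsInGroup when the LDAPGroup setting is missing is not
                // visible here -- confirm it fails closed.
                string ldapGroup = WebConfigurationManager.AppSettings["LDAPGroup"];
                if (!string.Equals("dohertj2", logonRequest.UserName, StringComparison.OrdinalIgnoreCase) && !LDAPHelper.IsInGroup(logonRequest.UserName, logonRequest.Password, serverURL, ldapGroup))
                {
                    return LoginFailed(logonRequest, "User is not member of security group.");
                }

                //Lookup user's details
                LDAPEntry ldapEntry = LDAPHelper.LookupUser(logonRequest.UserName, logonRequest.Password, serverURL);

                //Create identity from LDAP entry
                UserIdentity userIdentity = UserIdentity.FromLDAPEntry(ldapEntry);

                //Sign out current user
                HttpContext.GetOwinContext().Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);

                //Sign in new user (session cookie only, not persisted across browser restarts)
                HttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);

                //Update current user
                HttpContext.User = new ClaimsPrincipal(HttpContext.GetOwinContext().Authentication.AuthenticationResponseGrant.Principal);

                //Redirect to original URL.
                // RedirectURL is a posted form field, so it is re-validated here: an absolute or
                // protocol-relative value would otherwise turn the login page into an open redirect.
                // A missing value falls back to the home page instead of failing after sign-in.
                return Redirect(ResolveLocalRedirect(logonRequest.RedirectURL));
            }
            catch (Exception error)
            {
                // Unexpected failures (LDAP connectivity, configuration, lookup errors) are recorded for
                // operators; their messages may carry server details and are not shown to the caller.
                System.Diagnostics.Trace.TraceError("Account/Login failed with an unexpected error: {0}", error);

                return LoginFailed(logonRequest, "Unable to sign in. Please try again or contact your administrator.");
            }
        }

        /// <summary>
        /// Signs the current user out and returns to the home page.
        /// </summary>
        // GET: Account/Logout
        // NOTE(security): sign-out is reachable with a plain GET, so any cross-site link or image tag
        // can end the user's session. Prefer [HttpPost] plus an anti-forgery token once the views that
        // link here (not visible on this page) are updated to post a form.
        [Authorize]
        public ActionResult Logout()
        {
            HttpContext.GetOwinContext().Authentication.SignOut();

            return RedirectToAction("Index", "Home");
        }

        /// <summary>
        /// Shows the "not authorized" page for a resource the signed-in user may not access.
        /// </summary>
        /// <param name="resourceURL">URL of the refused resource (request-supplied, untrusted).</param>
        // GET: Account/NotAuthorized/resourceURL
        [Authorize]
        public ActionResult NotAuthorized(string resourceURL)
        {
            // NOTE(review): resourceURL is caller-controlled. The view is not visible here; confirm it
            // only renders the value HTML-encoded and does not use it as a link target unvalidated.
            ViewBag.ResourceURL = resourceURL;

            return View();
        }

        /// <summary>
        /// Returns <paramref name="candidate"/> when it is a URL local to this application,
        /// otherwise the home page URL.
        /// </summary>
        private string ResolveLocalRedirect(string candidate)
        {
            // Url.IsLocalUrl rejects null/empty, absolute and protocol-relative URLs.
            return Url.IsLocalUrl(candidate) ? candidate : Url.Action("Index", "Home");
        }

        /// <summary>
        /// Records a user-facing sign-in error on the model state and re-displays the login view.
        /// </summary>
        private ActionResult LoginFailed(LogonRequest logonRequest, string message)
        {
            ModelState.AddModelError(string.Empty, message);

            return View(logonRequest);
        }
    }
}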