yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
48317d7e619778625d08a87e8566dfa49516a286
Umbraco-CMS/src/Umbraco.Web/Security/Identity/FormsAuthenticationSecureDataFormat.cs

62 lines
2.1 KiB
C#
Raw Normal View History

Initial install which now uses Identity middleware to perform the back office auth (no longer done in our module). Created custom data secure classes that use the legacy Forms auth logic for backwards compat. This means that the cookie can still be written the old way and still auth the new way if required. Now need to clean a lot of this up.
2015-02-06 13:47:00 +11:00
using System;
using System.Web.Security;
using Microsoft.Owin.Security;
using Newtonsoft.Json;
using Umbraco.Core.Security;
namespace Umbraco.Web.Security.Identity
{
/// <summary>
/// Custom secure format that uses the old FormsAuthentication format
/// </summary>
internal class FormsAuthenticationSecureDataFormat : ISecureDataFormat<AuthenticationTicket>
{
private readonly int _loginTimeoutMinutes;
public FormsAuthenticationSecureDataFormat(int loginTimeoutMinutes)
{
_loginTimeoutMinutes = loginTimeoutMinutes;
}
public string Protect(AuthenticationTicket data)
{
//TODO: Where to get the user data?
//var userDataString = JsonConvert.SerializeObject(userdata);
var ticket = new FormsAuthenticationTicket(
5,
data.Identity.Name,
data.Properties.IssuedUtc.HasValue ? data.Properties.IssuedUtc.Value.LocalDateTime : DateTime.Now,
data.Properties.ExpiresUtc.HasValue ? data.Properties.ExpiresUtc.Value.LocalDateTime : DateTime.Now.AddMinutes(_loginTimeoutMinutes),
data.Properties.IsPersistent,
"", //User data here!! This will come from the identity
"/"
);
return FormsAuthentication.Encrypt(ticket);
}
public AuthenticationTicket Unprotect(string protectedText)
{
FormsAuthenticationTicket decrypt;
try
{
decrypt = FormsAuthentication.Decrypt(protectedText);
if (decrypt == null) return null;
}
catch (Exception)
{
return null;
}
var identity = new UmbracoBackOfficeIdentity(decrypt);
return new AuthenticationTicket(identity, new AuthenticationProperties
{
ExpiresUtc = decrypt.Expiration.ToUniversalTime(),
IssuedUtc = decrypt.IssueDate.ToUniversalTime(),
IsPersistent = decrypt.IsPersistent
});
}
}
}
Reference in New Issue Copy Permalink