Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152
  1. using System;
  2. using System.Configuration;
  3. using System.Linq;
  4. using System.Security.Claims;
  5. using System.Text.RegularExpressions;
  6. using System.Threading;
  7. using iiie.Authentication.DBO;
  8. using Newtonsoft.Json;
  9. namespace iiie.Authentication.Business
  10. {
  11. public abstract class AuthProvider<TUserDbo>
  12. where TUserDbo : UserDboAuth
  13. {
  14. /// <summary>
  15. /// Application specific settings
  16. /// </summary>
  17. public static AuthProvider<TUserDbo> Instance { get; set; }
  18. /// <summary>
  19. /// The registered user dbo, or null if no user is logged
  20. /// </summary>
  21. public static TUserDbo UserDbo
  22. {
  23. get
  24. {
  25. var claim = ((ClaimsIdentity)Thread.CurrentPrincipal.Identity).Claims.FirstOrDefault(x => x != null && x.Type == "__userdbo__");
  26. if (claim == null)
  27. return null;
  28. return JsonConvert.DeserializeObject<TUserDbo>(claim.Value);
  29. }
  30. set
  31. {
  32. var claim = new Claim("__userdbo__", JsonConvert.SerializeObject(value));
  33. ((ClaimsIdentity)Thread.CurrentPrincipal.Identity).AddClaim(claim);
  34. }
  35. }
  36. /// <summary>
  37. /// Check if this is a valid email address
  38. /// </summary>
  39. /// <param name="email">The email to test</param>
  40. /// <returns>True if the email is valid, false otherwise</returns>
  41. public static bool IsValidEmail(string email)
  42. {
  43. try
  44. {
  45. return Regex.IsMatch(email,
  46. @"^(?("")("".+?(?<!\\)""@)|(([0-9a-z]((\.(?!\.))|[-!#\$%&'\*\+/=\?\^`\{\}\|~\w])*)(?<=[0-9a-z])@))" +
  47. @"(?(\[)(\[(\d{1,3}\.){3}\d{1,3}\])|(([0-9a-z][-\w]*[0-9a-z]*\.)+[a-z0-9][\-a-z0-9]{0,22}[a-z0-9]))$",
  48. RegexOptions.IgnoreCase, TimeSpan.FromMilliseconds(250));
  49. }
  50. catch (RegexMatchTimeoutException)
  51. {
  52. return false;
  53. }
  54. }
  55. /// <summary>
  56. /// Get a int from config file, or return the default value
  57. /// </summary>
  58. /// <param name="key">The config file key</param>
  59. /// <param name="def">The default value</param>
  60. /// <returns>The found int</returns>
  61. protected int GetInt(string key, int def)
  62. {
  63. var valueStr = ConfigurationManager.AppSettings[key];
  64. if (valueStr == null)
  65. return def;
  66. int value;
  67. if (int.TryParse(valueStr, out value))
  68. return value;
  69. return def;
  70. }
  71. /// <summary>
  72. /// Get a string from config file, or return the default value
  73. /// </summary>
  74. /// <param name="key">The config file key</param>
  75. /// <param name="def">The default value</param>
  76. /// <returns>The found string</returns>
  77. protected string GetString(string key, string def)
  78. {
  79. var value = ConfigurationManager.AppSettings[key];
  80. if (value == null)
  81. return def;
  82. return value;
  83. }
  84. /// <summary>
  85. /// Contructs a user dbo from the specified username and salt and register it into UserDbo
  86. /// </summary>
  87. /// <param name="username">The username of the verified token</param>
  88. /// <param name="salt">The salt in the token</param>
  89. /// <returns>The user dbo, or null if user is not valid</returns>
  90. public TUserDbo GetAndRegisterUserDbo(string username, string salt)
  91. {
  92. return UserDbo = GetUserDbo(username, salt);
  93. }
  94. /// <summary>
  95. /// Contructs a user dbo from the specified username and salt
  96. /// </summary>
  97. /// <param name="username">The username of the verified token</param>
  98. /// <param name="salt">The salt in the token</param>
  99. /// <returns>The user dbo, or null if user is not valid</returns>
  100. public abstract TUserDbo GetUserDbo(string username, string salt);
  101. /// <summary>
  102. /// Const value to compute password hash
  103. /// </summary>
  104. public virtual int GetPasswordSaltByteSize()
  105. {
  106. return GetInt("PasswordSaltByteSize", 42);
  107. }
  108. /// <summary>
  109. /// Const value to compute password hash
  110. /// </summary>
  111. public virtual int GetPasswordHashByteSize()
  112. {
  113. return GetInt("PasswordHashByteSize", 42);
  114. }
  115. /// <summary>
  116. /// Const value to compute password hash
  117. /// </summary>
  118. public virtual int GetPasswordIterations()
  119. {
  120. return GetInt("PasswordIterations", 2048);
  121. }
  122. /// <summary>
  123. /// Returns a string used to validate the token.
  124. /// Must be constant. Default is app setting 'ValidatorString'
  125. /// </summary>
  126. /// <returns>The string</returns>
  127. public virtual string GetValidatorString()
  128. {
  129. return GetString("ValidatorString", "__default__");
  130. }
  131. /// <summary>
  132. /// Returns a string used to sign the token
  133. /// Must be constant. Default is app setting 'CredentialKey'
  134. /// </summary>
  135. /// <returns>The string</returns>
  136. public virtual string GetCredentialKey()
  137. {
  138. return GetString("CredentialKey", "__default__");
  139. }
  140. }
  141. }