Intercetto richieste accesso e redirect pagina di auth utente (cookie)!

This commit is contained in:
Samuele E. Locatelli
2014-11-03 10:47:17 +01:00
parent 458f894fc4
commit e65e8587e8
14 changed files with 258 additions and 14 deletions
+8
View File
@@ -290,6 +290,7 @@
<Content Include="Images\view_m.png" />
<Content Include="Images\view_s.png" />
<Content Include="Images\WorkInProgress.jpg" />
<Content Include="jumper.aspx" />
<Content Include="login.aspx" />
<Content Include="MakeSim.aspx" />
<Content Include="MarginReport.aspx" />
@@ -522,6 +523,13 @@
<Compile Include="JumboPage.master.designer.cs">
<DependentUpon>JumboPage.master</DependentUpon>
</Compile>
<Compile Include="jumper.aspx.cs">
<DependentUpon>jumper.aspx</DependentUpon>
<SubType>ASPXCodeBehind</SubType>
</Compile>
<Compile Include="jumper.aspx.designer.cs">
<DependentUpon>jumper.aspx</DependentUpon>
</Compile>
<Compile Include="login.aspx.cs">
<DependentUpon>login.aspx</DependentUpon>
<SubType>ASPXCodeBehind</SubType>
+5 -1
View File
@@ -1,4 +1,5 @@
using System;
using SteamWare;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
@@ -11,6 +12,9 @@ namespace C2P
{
protected void Page_Load(object sender, EventArgs e)
{
// resetto i dati utente all'accesso alla pagina default...
devicesAuthProxy.stObj.clearAllUserData();
Response.Redirect("UserAdmin");
}
}
}
+10 -4
View File
@@ -21,9 +21,15 @@
<add key="weight" value="kg" />
<!--area auth-->
<add key="authSenzaDominio" value="true" />
<add key="autoEnrollEnabled" value="true" />
<add key="defaultUser" value="proxima" />
<add key="defaultDomain" value="WINLAB" />
<add key="autoEnrollEnabled" value="false" />
<add key="defaultUser" value="#proxima#" />
<add key="defaultDomain" value="#WINLAB#" />
<!--gestione auth dispositivi-->
<add key="defaultDomain" value="steamwarewin" />
<add key="enablePlain" value="true"/>
<add key="urlGestUtenti" value="UserAdmin"/>
<add key="adminEmail" value="samuele@steamware.net"/>
<add key="PageNoIndex" value="UserAdmin#Test" />
<!--area suggerimenti-->
<add key="maxNumSuggest" value="50" />
<!--area logger-->
@@ -69,7 +75,7 @@
</appSettings>
<connectionStrings>
<add name="C2P_Data.Properties.Settings.Proxima_C2PConnectionString" connectionString="Data Source=10.74.82.217\SQL2008R2;Initial Catalog=Proxima_C2P;Persist Security Info=True;User ID=sa;Password=keyhammer" providerName="System.Data.SqlClient" />
<add name="SteamWare.Properties.Settings.MedPredConnectionString" connectionString="Data Source=10.74.82.217\SQL2008R2;Initial Catalog=Proxima_C2P;Persist Security Info=True;User ID=sa;Password=keyhammer" providerName="System.Data.SqlClient" />
<add name="SteamWare.Properties.Settings.DS_AuthConnectionString" connectionString="Data Source=10.74.82.217\SQL2008R2;Initial Catalog=Proxima_C2P;Persist Security Info=True;User ID=sa;Password=keyhammer" providerName="System.Data.SqlClient" />
</connectionStrings>
<system.web>
<httpHandlers>
@@ -29,7 +29,7 @@ namespace C2P.WebUserControls
if (email != "" && email.IndexOf("@") > 0)
{
// ora controllo che l'email SIA nell'elenco delle email degli utenti...
if (devicesAuthProxy.stObj.checkUserEmail(email))
if (devicesAuthProxy.stObj.checkUserEmail(email))
{
// controllo se la authKey è corretta x utente...
if (devicesAuthProxy.stObj.checkUserEmailAK(email, authKey))
+164 -8
View File
@@ -40,25 +40,181 @@ namespace C2P.WebUserControls
}
}
/// <summary>
/// titolo pagina
/// </summary>
public string titolo
{
get
{
return devicesAuthProxy.getPage(Request.Url);
}
}
/// <summary>
/// caricamento pagina
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void Page_Load(object sender, EventArgs e)
{
// se l'utente NON c'è torno a login...
if (!user_std.UtSn.isAuth && currPage.IndexOf("login") < 0)
if (true)
{
Session["nextPage"] = currPage;
Response.Redirect("login");
// altri controlli
if (!Page.IsPostBack)
{
Page.Title = Request.Url.ToString();
// se ho cambiato pagina registro...)
if (devicesAuthProxy.pagPrecedente != titolo)
{
devicesAuthProxy.pagPrecedente = devicesAuthProxy.pagCorrente;
}
// salvo apgina corrente
devicesAuthProxy.pagCorrente = titolo; // devicesAuthProxy.getCurrPage(Request.Url);
}
// SOLO se la pagina NON E' "safe"...
if (memLayer.ML.confReadString("PageNoIndex").IndexOf(titolo) < 0)
{
bool userOk = checkUser();
bool pageOk = checkPageIsAuth();
// controllo se c'è utente in sessione..
if ((userOk))
{
// ora controllo pagina...
if (!pageOk)
{
if (devicesAuthProxy.stObj.isPageEnabled(devicesAuthProxy.pagPrecedente))
{
Response.Redirect(devicesAuthProxy.pagPrecedente);
}
else
{
Response.Redirect("Default");
}
}
}
else
{
// rimando pagina x registrazione devices
Response.Redirect("UserAdmin");
}
}
}
if (!Page.IsPostBack)
else
{
imgLogo.Visible = logoVisible;
PagCorrente();
memLayer.ML.emptySessionVal("searchVal");
// se l'utente NON c'è torno a login...
if (!user_std.UtSn.isAuth && currPage.IndexOf("login") < 0)
{
Session["nextPage"] = currPage;
Response.Redirect("login");
}
if (!Page.IsPostBack)
{
imgLogo.Visible = logoVisible;
PagCorrente();
memLayer.ML.emptySessionVal("searchVal");
}
}
}
/// <summary>
/// verifica che la pagina sia tra quelle autorizzate x l'utente
/// </summary>
/// <returns></returns>
private bool checkPageIsAuth()
{
bool allOk = false;
bool pageSafe = (memLayer.ML.confReadString("PageNoIndex").IndexOf(titolo) >= 0);
bool pageAuth = devicesAuthProxy.stObj.isPageEnabled(titolo);
allOk = (pageSafe || pageAuth);
return allOk;
}
/// <summary>
/// verifica presenza utente autorizzato in sessione
/// </summary>
private bool checkUser()
{
bool allOk = devicesAuthProxy.stObj.isAuth;
if (!devicesAuthProxy.stObj.isAuth)
{
// controllo cookie device...
allOk = checkAuthCookieC2P();
if (!allOk)
{
ResetUser();
}
}
return allOk;
}
/// <summary>
/// verifica la presenza di un cookie VALIDO per autorizzare il device ed avvia utente...
/// </summary>
private bool checkAuthCookieC2P()
{
bool answ = false;
try
{
HttpCookie cookie = Request.Cookies["AuthDevice"];
if (!(cookie == null || cookie.Value == ""))
{
// ricavo utente da cookie...
string userAgent = "";
string postazione_IP = "";
string devSecret = cookie.Value;
DS_Auth.AnagDevicesRow device = null;
// cerco il device...ogni dipendente può averne + di 1 registrato a suo nome...
string email = "";
try
{
device = devicesAuthProxy.stObj.taAnagDev.getByDeviceSecret(devSecret)[0];
email = device.USER_NAME;
}
catch
{ }
if (email != "")
{
// aggiorno descrizione (user agent) ed IP...
userAgent = Request.UserAgent;
postazione_IP = Request.UserHostAddress;
// controllo IP e DeviceDescription x eventuale update
if ((device.lastIPv4 != postazione_IP) || (device.Description != userAgent))
{
// salvo ultimo "contatto" del device aggiornando descrizione ed IP
devicesAuthProxy.stObj.taAnagDev.updateIP(device.IdxDevice, DateTime.Now, postazione_IP, userAgent);
}
// salvo in sessione utente
memLayer.ML.setSessionVal("email", email);
// avvio utente...
devicesAuthProxy.stObj.startUpUtente(email);
// salvo gruppo...
if (devicesAuthProxy.stObj.isAuth)
{
// se tutto ok
memLayer.ML.setSessionVal("Gruppo", devicesAuthProxy.stObj.rigaUtente.CodGruppo);
answ = true;
}
}
}
}
catch (Exception exc)
{
logger.lg.scriviLog(string.Format("Errore in checkAuthCookie:{0}{1}", Environment.NewLine, exc), tipoLog.EXCEPTION);
}
return answ;
}
/// <summary>
/// resetta utente
/// </summary>
private void ResetUser()
{
devicesAuthProxy.stObj.clearAllUserData();
// svuoto cookie...
memLayer.ML.setCookieVal("AuthDevice", "");
memLayer.ML.emptyCookieVal("AuthDevice");
}
/// <summary>
/// classe grafica da pagina corrente
/// </summary>
/// <param name="nomeElem"></param>
/// <returns></returns>
public string liClass(string nomeElem)
{
string answ = "";
BIN
View File
Binary file not shown.
Binary file not shown.
Binary file not shown.
+20
View File
@@ -0,0 +1,20 @@
<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="jumper.aspx.cs" Inherits="C2P.jumper" %>
<%@ Register src="WebUserControls/mod_enrollByJumperAuthKey.ascx" tagname="mod_enrollByJumperAuthKey" tagprefix="uc1" %>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<uc1:mod_enrollByJumperAuthKey ID="mod_enrollByJumperAuthKey1" runat="server" />
</div>
</form>
</body>
</html>
+17
View File
@@ -0,0 +1,17 @@
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
namespace C2P
{
public partial class jumper : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
}
}
+33
View File
@@ -0,0 +1,33 @@
//------------------------------------------------------------------------------
// <auto-generated>
// This code was generated by a tool.
//
// Changes to this file may cause incorrect behavior and will be lost if
// the code is regenerated.
// </auto-generated>
//------------------------------------------------------------------------------
namespace C2P {
public partial class jumper {
/// <summary>
/// form1 control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::System.Web.UI.HtmlControls.HtmlForm form1;
/// <summary>
/// mod_enrollByJumperAuthKey1 control.
/// </summary>
/// <remarks>
/// Auto-generated field.
/// To modify move field declaration from designer file to code-behind file.
/// </remarks>
protected global::C2P.WebUserControls.mod_enrollByJumperAuthKey mod_enrollByJumperAuthKey1;
}
}
Binary file not shown.
Binary file not shown.
Binary file not shown.