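using System;
using System.Collections.Generic;
using System.Configuration;
using System.Linq;
using System.Security;
using System.Security.Principal;
using System.Web;
using System.Web.Http;
using System.Web.Mvc;
using System.Web.Optimization;
using System.Web.Routing;
using System.Web.Security;
using System.Web.UI.WebControls;
using GODATA.App_Start;
using Microsoft.Practices.EnterpriseLibrary.Logging;

namespace GODATA
{
    // Note: For instructions on enabling IIS6 or IIS7 classic mode,
    // visit http://go.microsoft.com/?LinkId=9394801
    public class MvcApplication : System.Web.HttpApplication
    {
        /// <summary>Name of the cookie that carries the encrypted roles ticket.</summary>
        private const string RolesCookieName = "portalroles";

        /// <summary>Separator between role names inside the ticket's UserData.</summary>
        private const char RoleSeparator = ';';

        /// <summary>
        /// Value written to Session["UserTimeZoneOffset"] for every new session.
        /// 330 is the raw value the original code stored; presumably minutes (UTC+05:30) —
        /// confirm against the consumers of that session key.
        /// </summary>
        private const int DefaultUserTimeZoneOffset = 330;

        /// <summary>
        /// Registers the MVC filters that apply to every action.
        /// </summary>
        /// <param name="filters">The global filter collection to populate.</param>
        public static void RegisterGlobalFilters(GlobalFilterCollection filters)
        {
            filters.Add(new HandleErrorAttribute());
        }

        /// <summary>
        /// Registers the application's routes: resource handlers (*.axd) are ignored, "Default"
        /// maps {controller}/{action}/{id} with Account/Index as the fallback, and "DefaultLoginUrl"
        /// is a literal Home/Index route.
        /// </summary>
        /// <param name="routes">The route table to populate.</param>
        public static void RegisterRoutes(RouteCollection routes)
        {
            routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

            routes.MapRoute(
                name: "Default",                                                            // Route name
                url: "{controller}/{action}/{id}",                                          // URL with parameters
                defaults: new { controller = "Account", action = "Index", id = UrlParameter.Optional } // Parameter defaults
            );

            routes.MapRoute(
                name: "DefaultLoginUrl",
                url: "Home/Index"
            );
        }

        /// <summary>
        /// Application start-up: pins outbound HTTPS to TLS 1.2, then registers areas, bundles,
        /// global filters and routes.
        /// </summary>
        protected void Application_Start()
        {
            // Outbound HTTPS calls made by this process negotiate TLS 1.2 only.
            System.Net.ServicePointManager.SecurityProtocol = System.Net.SecurityProtocolType.Tls12;

            AreaRegistration.RegisterAllAreas();
            BundleConfig.RegisterBundles(BundleTable.Bundles);
            RegisterGlobalFilters(GlobalFilters.Filters);
            RegisterRoutes(RouteTable.Routes);
        }

        /// <summary>
        /// Initialises per-session state and (re)publishes the REST security token from configuration
        /// into application state.
        /// </summary>
        /// <exception cref="ConfigurationErrorsException">
        /// The "RESTfulSecurityToken" app setting is missing. The original code surfaced this as a
        /// NullReferenceException from the .ToString() call.
        /// </exception>
        protected void Session_Start()
        {
            Session.Add("UserTimeZoneOffset", DefaultUserTimeZoneOffset);

            // AppSettings already yields a string (or null when the key is absent).
            string securityToken = ConfigurationManager.AppSettings["RESTfulSecurityToken"];
            if (securityToken == null)
            {
                throw new ConfigurationErrorsException("appSettings key 'RESTfulSecurityToken' is not configured.");
            }

            Application["SecurityToken"] = securityToken;
        }

        /// <summary>
        /// Check application authentication event: attaches the user's roles to
        /// <see cref="HttpContext.User"/> on every authenticated request. Roles travel in an
        /// encrypted forms-authentication ticket stored in the "portalroles" cookie; when that cookie
        /// is missing, empty, expired or cannot be decrypted, a fresh ticket is issued from the roles
        /// the login code left in Application["roles"].
        /// </summary>
        /// <param name="sender">Sender</param>
        /// <param name="e">Event Argument</param>
        void Application_AuthenticateRequest(object sender, EventArgs e)
        {
            // Exceptions are left to propagate unchanged; the old catch re-wrapped them in a bare
            // Exception and dropped the original stack trace and type.
            if (!Request.IsAuthenticated)
            {
                return;
            }

            FormsAuthenticationTicket ticket = TryReadRolesTicket(Request.Cookies[RolesCookieName]);
            if (ticket == null)
            {
                ticket = IssueRolesTicket();
            }

            Context.User = new GenericPrincipal(Context.User.Identity, SplitRoles(ticket.UserData));
        }

        /// <summary>
        /// Decrypts the roles ticket carried by <paramref name="cookie"/>.
        /// </summary>
        /// <param name="cookie">The request's "portalroles" cookie, or null when absent.</param>
        /// <returns>
        /// The ticket, or null when the cookie is absent, empty, expired or not a valid ticket.
        /// A tampered or foreign cookie must not grant roles, so it is treated exactly like a missing one.
        /// </returns>
        private static FormsAuthenticationTicket TryReadRolesTicket(HttpCookie cookie)
        {
            if (cookie == null || string.IsNullOrEmpty(cookie.Value))
            {
                return null;
            }

            try
            {
                FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(cookie.Value);
                return (ticket == null || ticket.Expired) ? null : ticket;
            }
            catch (ArgumentException)
            {
                // Decrypt rejects malformed ticket data with ArgumentException (or HttpException,
                // depending on the framework version); either way the cookie is reissued below.
                return null;
            }
            catch (HttpException)
            {
                return null;
            }
        }

        /// <summary>
        /// Builds a new roles ticket for the current user from Application["roles"], writes it to the
        /// response as the "portalroles" cookie and returns it.
        /// </summary>
        /// <returns>The freshly issued ticket; its UserData holds the ';'-separated role names.</returns>
        private FormsAuthenticationTicket IssueRolesTicket()
        {
            // NOTE(review): Application state is shared by every user of the site, so the roles the
            // login code drops into Application["roles"] can be consumed by a different user's
            // concurrent request. The login path is not in this file; a per-user handoff (Session)
            // would be the safer design — confirm with the caller that writes "roles".
            string[] roles = Application["roles"] as string[];
            Application.Remove("roles");
            string roleStr = (roles != null) ? string.Join(RoleSeparator.ToString(), roles) : string.Empty;

            DateTime issued = DateTime.Now;
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,                                        // version
                Context.User.Identity.Name,               // user name
                issued,                                   // issue time
                issued.Add(FormsAuthentication.Timeout),  // expires together with the forms-auth timeout
                false,                                    // don't persist cookie
                roleStr,                                  // roles
                FormsAuthentication.FormsCookiePath
            );

            // Encrypt the ticket and send the cookie to the client. The ticket is authorization data,
            // so script is denied access to it and it follows the forms-auth SSL requirement.
            HttpCookie cookie = new HttpCookie(RolesCookieName, FormsAuthentication.Encrypt(ticket))
            {
                Path = "/",
                HttpOnly = true,
                Secure = FormsAuthentication.RequireSSL
            };
            Response.Cookies.Set(cookie);

            return ticket;
        }

        /// <summary>
        /// Splits the ticket's UserData into role names. Empty entries are dropped, so an empty
        /// UserData yields no roles rather than a single empty-named role.
        /// </summary>
        /// <param name="userData">The ';'-separated role list, possibly null or empty.</param>
        /// <returns>The role names, never null.</returns>
        private static string[] SplitRoles(string userData)
        {
            return (userData ?? string.Empty).Split(new[] { RoleSeparator }, StringSplitOptions.RemoveEmptyEntries);
        }

        /// <summary>
        /// Action filter that sends the caller to Account/LogOff when the session no longer holds a
        /// "UserId" entry, i.e. the session expired or the user never logged in.
        /// </summary>
        public class SessionExpireAttribute : ActionFilterAttribute
        {
            /// <summary>
            /// Redirects to Account/LogOff unless Session["UserId"] is present.
            /// </summary>
            /// <param name="filterContext">The MVC action context; its session is consulted.</param>
            public override void OnActionExecuting(ActionExecutingContext filterContext)
            {
                HttpSessionStateBase session = filterContext.HttpContext.Session;

                // A request without a session store counts as expired: there is no UserId to trust.
                if (session != null && session["UserId"] != null)
                {
                    return;
                }

                // Setting Result short-circuits the action and MVC executes the redirect itself,
                // so the explicit ExecuteResult call the old code made (a second redirect) is not needed.
                filterContext.Result = new RedirectToRouteResult(
                    new RouteValueDictionary(new { controller = "Account", action = "LogOff" }));
            }
        }

        /// <summary>
        /// Function used to handle application error/exception. Only a <see cref="SecurityException"/>
        /// whose Source is "MVCAuthorization" is handled here: it is rendered through
        /// Account/UnauthorizedAccess with the original URL and message passed as route values.
        /// Every other error is left to the default handling.
        /// </summary>
        /// <param name="sender">Sender</param>
        /// <param name="e">Event Arguments</param>
        protected void Application_Error(object sender, EventArgs e)
        {
            Exception ex = Server.GetLastError();
            if (!(ex is SecurityException) || ex.Source != "MVCAuthorization")
            {
                return;
            }

            HttpContextBase currentContext = new HttpContextWrapper(HttpContext.Current);
            RouteData routeData = RouteTable.Routes.GetRouteData(currentContext);
            if (routeData == null)
            {
                // No route matched the failing request, so there is nothing to render the page with;
                // leave the error to the default handling instead of failing inside the error handler.
                return;
            }

            routeData.Values["returnUrl"] = currentContext.Request.RawUrl;
            routeData.Values["controller"] = "Account";
            routeData.Values["action"] = "UnauthorizedAccess";
            routeData.Values["exMessage"] = ex.Message;

            // The error is fully handled here; clearing it keeps the default error page from
            // replacing the one rendered below.
            Server.ClearError();

            IRouteHandler routeHandler = routeData.RouteHandler;
            RequestContext requestContext = new RequestContext(currentContext, routeData);
            IHttpHandler httpHandler = routeHandler.GetHttpHandler(requestContext);
            httpHandler.ProcessRequest(Context);
            Response.Flush();

            // Ends the pipeline without the ThreadAbortException that Response.End() raises.
            CompleteRequest();
        }
    }
}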