-
Notifications
You must be signed in to change notification settings - Fork 0
USER LOGON
An IQueryHandler that logons by user's entry params.
- Located at the
AuthorityController.Queriesnamespace into theUSER_LOGONclass. - Looks for a profile in a local file system via the
API.LocalUsers. - Looks for a profile on an SQL server in case if
UniformDataOperator.Sql.SqlOperatorHandler.Activeisn't null.
The query must contains all the listed parameters.
| Keyword | Description |
|---|---|
| user | Null |
| logon | Null |
| login | A user's login. |
| password | A user's password. |
| os | An operating system installed on the computer where started a client app. |
| mac | A MAC-address of the computer where started a client app. |
| stamp | A time stamp when the query occurs. |
| token | A guest token provided to a client app. |
| guid | An unique GUID of the query. |
In case of success returns:
- A session token for the user.
- An expire time for the token.
- A list of rights provided to the user.
In case of fail returns an error message available by the ANSWER.First.PropertyValueString. Where the ANSWER is a Query received by the query handler.
| Error | Message |
|---|---|
| User not found | "ERROR 404: User not found" |
| Invalid SQL query | "ERROR SQL SERVER: DATAILS", where DATAILS is an asnwer of the SQL server. |
| Hashed password not the same as stored | "ERROR 412: Incorrect password" |
logon rights code banned for the user |
"ERROR 412: User banned." |
A logon process is a complex bunch of tasks that should be fulfilled. For simplifying of the that process the USER LOGON has an implemented automatic QueryProcessor that handles all the tasks.
Handled issues:
- The logon session is temporary, the user must relog after token expire. The processor holds the data that allows t odetermain the current state.
- The logon process require sharing a list of system params. The processor collects all required data by itself and adds it to the query.
- The logon query demands fulfilling a lot of steps before executing besides query build. The processor manages server existence, connection, data exchange, error handling and states control.
- The processor provides holds a data received like an answer from the server and API to handle it.
The implemented QueryProcessor implements AuthQueryProcessor interface.
The following example requiests an authorized token by a manual query.
At first we should build a query with following params.
// Create the query that would simulate logon.
var query = new Query(
new QueryPart("token", GUIEST_TOKEN),
new QueryPart("guid", Guid.NewGuid().ToString()),
new QueryPart("user"),
new QueryPart("logon"),
new QueryPart("login", LOGIN),
new QueryPart("password", PASSWORD),
new QueryPart("os", Environment.OSVersion.VersionString),
new QueryPart("mac", PipesProvider.Networking.Info.MacAdsress),
new QueryPart("stamp", DateTime.Now.ToBinary().ToString()));
Not we should send thq query to the server and handle an ansewer.
// Starting a client line.
UniformClient.BaseClient.EnqueueDuplexQueryViaPP(
// Defining the networking params of a server.
SERVER_IP, PIPE_NAME,
query,
// A handler that will receive an answer from the server.
(PipesProvider.Client.TransmissionLine line, Query answer) =>
{
string firstProp = answer.First.PropertyValueString;
// Is operation success?
if (firstProp .StartsWith("error", StringComparison.OrdinalIgnoreCase))
{
// Log about an error.
Console.WriteLine("Recived error:\n" + firstProp);
}
else
{
// Trying to get token from answer.
if (answer.TryGetParamValue("token", out QueryPart token) &&
!string.IsNullOrEmpty(token.PropertyValueString))
{
// Logon succeeded. Handle it here.
}
else
{
// Log about an error.
Console.WriteLine("Answer not contain token:\nFull answer:" + firstProp);
}
}
});
- Where the
GUEST_TOKENis a token with a guest rights provided to a client app by theSessionProviderserver or other tokens provider. - Where the
LOGINandPASSWORDis a user's logon params. - Where the
SERVER_IPis an ip adress or the name of the computer into a local network. - Where the
PIPE_NAMEis a name of the named pipe started on the server.
The following example shows logon process via an automatic AuthQueryProcessor from the UniformQueries.Executable.Security namespace.
// Create new processor that handles logon.
var processor = new USER_LOGON.LogonProcessor();
// Sign up on a callback that will be called when logon operation is finished.
processor.ProcessingFinished += delegate (
UniformQueries.Executable.QueryProcessor _,
bool result,
object message)
{
if(result)
Console.WriteLine("LOGON FINISHED | TOKEN:" + recivedMessage);
else
Console.WriteLine("LOGON FAILED");
};
// Request logon via the processor.
processor.TryToLogonAsync(
GUEST_TOKEN
LOGIN,
PASSWORD,
SERVER_IP,
PIPE_NAME);
- Where the
GUEST_TOKENis a token with a guest rights provided to a client app by theSessionProviderserver or other tokens provider. - Where the
LOGINandPASSWORDis a user's logon params. - Where the
SERVER_IPis an ip adress or the name of the computer into a local network. - Where the
PIPE_NAMEis a name of the named pipe started on the server.
The following code demostrate logon process via the AuthorizedInstruction instance.
The AuthorizedInstructions allow to handle multiple logon processes for different network session providers and hold a tokens for each into a binded instruction. It a most powerful way to manage sessions implemented by the AuthorityController addon.
At first we should find a suitable routing table among loaded. Fo this we will you a signature of the logon query that contains the following params: user, logon, etc.
// Detecting a routing instruction suitable for user's queries.
BaseClient.routingTable.TryGetRoutingInstruction(
new UniformQueries.Query(
new UniformQueries.QueryPart("logon"),
new UniformQueries.QueryPart("user")),
out Instruction instruction);
// Checking the type of instruction.
if (!(instruction is AuthorizedInstruction queriesChanelInstruction))
{
// Logging an error message about the invalid cast.
Console.WriteLine("Routing instruction for the LOGON query not found.\n" +
"Please be sure that you has AuthorizedInstruction " +
"that allows to share queries with user&logon parts");
return;
}
Note that
logonkeyword used as a prioritized during search. Try to request more precise and rare keyword of query before other ones to prevent not necessary checks in case if part of query is equal to some other query.
Now lets add logon parameters to the instruction and request logon by using them.
// Set entry data.
queriesChanelInstruction.authLogin = LOGIN
queriesChanelInstruction.authPassword = PASSWORD;
// Request logon
queriesChanelInstruction.TryToLogonAsync(
null,
AuthorityController.Session.Current.TerminationTokenSource.Token);
// Subscribe on the finish event to handle received data.
queriesChanelInstruction.LogonHandler.ProcessingFinished += LogonFinishedCallback;
Now let's add a handler that will react on the event of the logon finish.
// A callback that will be called when the server returns an answer.
void LogonFinishedCallback(
UniformQueries.Executable.QueryProcessor _,
bool result,
object message)
{
// Unsubscribe from events.
queriesChanelInstruction.LogonHandler.ProcessingFinished -= LogonFinishedCallback;
// Clear a secret data.
queriesChanelInstruction.authPassword = null;
// If success logoned.
if (queriesChanelInstruction.IsFullAuthorized)
{
// You successfully authorized. Handle a next step here.
}
else
{
// Handle fail here.
}
}
- Manual logon at UDO Tests from the ACTests. Look at the
UserLogon_Validor theUserLogon_Invalidmethods. - Logon via the processor at UDO Tests from the ACTests. Look at the
Logonmethod. -
MainWindow from the Datum Point. Look at the
LogonScreen_LoginButtonmethod.
- Donate: Why support the initiative? | Patreon
- Contacts: LinkedIn
- See also: WPF Handler | Uniform Data Operator | Datum Point