lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-15 19:54:57 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Changed FormsAuthenticationService to remember that authenticated user is non-item throughout the request.

Browse Source 
Fixes #5997
This commit is contained in:
Daniel Stolt
2015-11-10 09:19:38 +01:00
parent bcf4813c3e
commit d0f8fcdcf7
1 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/Orchard/Security/Providers/FormsAuthenticationService.cs
View File

@@ -22,9 +22,16 @@ namespace Orchard.Security.Providers {
private IUser _signedInUser; private IUser _signedInUser;
private bool _isAuthenticated; private bool _isAuthenticated;
// This fixes a performance issue when the forms authentication cookie is set to a
// user name not mapped to an actual Orchard user content item. If the request is
// authenticated but a null user is returned, multiple calls to GetAuthenticatedUser
// will cause multiple DB invocations, slowing down the request. We therefore
// remember if the current user is a non-Orchard user between invocations.
private bool _isNonOrchardUser;
public FormsAuthenticationService( public FormsAuthenticationService(
ShellSettings settings, ShellSettings settings,
IClock clock, IClock clock,
IMembershipService membershipService, IMembershipService membershipService,
IHttpContextAccessor httpContextAccessor, IHttpContextAccessor httpContextAccessor,
ISslSettingsProvider sslSettingsProvider, ISslSettingsProvider sslSettingsProvider,
@@ -37,7 +44,7 @@ namespace Orchard.Security.Providers {
_membershipValidationService = membershipValidationService; _membershipValidationService = membershipValidationService;
Logger = NullLogger.Instance; Logger = NullLogger.Instance;
ExpirationTimeSpan = TimeSpan.FromDays(30); ExpirationTimeSpan = TimeSpan.FromDays(30);
} }
@@ -82,7 +89,7 @@ namespace Orchard.Security.Providers {
if (createPersistentCookie) { if (createPersistentCookie) {
cookie.Expires = ticket.Expiration; cookie.Expires = ticket.Expiration;
} }
httpContext.Response.Cookies.Add(cookie); httpContext.Response.Cookies.Add(cookie);
_isAuthenticated = true; _isAuthenticated = true;
@@ -113,6 +120,10 @@ namespace Orchard.Security.Providers {
} }
public IUser GetAuthenticatedUser() { public IUser GetAuthenticatedUser() {
if (_isNonOrchardUser)
return null;
if (_signedInUser != null || _isAuthenticated) if (_signedInUser != null || _isAuthenticated)
return _signedInUser; return _signedInUser;
@@ -126,7 +137,7 @@ namespace Orchard.Security.Providers {
// The cookie user data is {userName.Base64};{tenant}. // The cookie user data is {userName.Base64};{tenant}.
var userDataSegments = userData.Split(';'); var userDataSegments = userData.Split(';');
if (userDataSegments.Length < 2) { if (userDataSegments.Length < 2) {
return null; return null;
} }
@@ -147,6 +158,7 @@ namespace Orchard.Security.Providers {
_signedInUser = _membershipService.GetUser(userDataName); _signedInUser = _membershipService.GetUser(userDataName);
if (_signedInUser == null || !_membershipValidationService.CanAuthenticateWithCookie(_signedInUser)) { if (_signedInUser == null || !_membershipValidationService.CanAuthenticateWithCookie(_signedInUser)) {
_isNonOrchardUser = true;
return null; return null;
} }