#20355: Preventing collisions with default tenant

Work Item: 20355
Sebastien Ros
2013-12-13 16:22:13 -08:00
parent 30c43ad130
commit e99bba1669


@@ -33,7 +33,9 @@ namespace Orchard.Security.Providers {
public void SignIn(IUser user, bool createPersistentCookie) {
var now = _clock.UtcNow.ToLocalTime();
var userData = Convert.ToString(user.Id);
// the cookie user data is {userId};{tenant}
var userData = String.Concat(Convert.ToString(user.Id), ";", _settings.Name);
var ticket = new FormsAuthenticationTicket(
1 /*version*/,
@@ -99,9 +101,24 @@ namespace Orchard.Security.Providers {
}
var formsIdentity = (FormsIdentity)httpContext.User.Identity;
var userData = formsIdentity.Ticket.UserData;
var userData = formsIdentity.Ticket.UserData ?? "";
// the cookie user data is {userId};{tenant}
var userDataSegments = userData.Split(';');
if (userDataSegments.Length != 2) {
return null;
}
var userDataId = userDataSegments[0];
var userDataTenant = userDataSegments[1];
if (!String.Equals(userDataTenant, _settings.Name, StringComparison.Ordinal)) {
return null;
}
int userId;
if (!int.TryParse(userData, out userId)) {
if (!int.TryParse(userDataId, out userId)) {
Logger.Fatal("User id not a parsable integer");
return null;
}
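Review bot: The read path in the second hunk accepts a ticket only when `userData.Split(';')` yields exactly two segments, but `SignIn` in the first hunk concatenates `_settings.Name` without checking it for `;`. Whether tenant names can contain that character is not visible on this page; if nothing elsewhere guarantees they cannot, such a tenant would issue tickets that are always rejected. Splitting with a limit keeps the tenant segment whole, `var userDataSegments = userData.Split(new[] { ';' }, 2);`, and the ordinal comparison against `_settings.Name` still has to match exactly, so the tenant check is not weakened. Tickets issued before this change carry only the user id and will now return null at the segment-count check without a log entry, unlike the unparsable-id branch; a short comment there, such as `// tickets without a tenant segment (issued before the tenant was added) are rejected`, would record that this is deliberate. Both methods start and end outside the hunks shown.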