IUserService<TId,TEntityId,TUser>
Members
Namespace: ASPSecurityKit
Assembly: ASPSecurityKit.dll
Summary
Extends IUserService and provides a generic interface for authenticating, authorizing and managing user identities.
Generic Types
| Name | Description |
|---|---|
| TId | The type of key property for IUser<TId>. |
| TEntityId | The type of entityId property for IPermit<TId>. |
| TUser | The concrete type that implements IUser<TId> model. |
Remarks
The TId is provided so that you can continue to use the same type of keys for all the models of your system. Some people prefer Guid over Int32 type for their models keys.
The TEntityId is provided so that you can use a separate type (usually an entity urn) to represent entity instance identifier on which a permit is granted.
Properties
CurrentUser
Summary
Gets the TUser model for the current user.
Value
The TUser model for the current user.
ImpersonatingUser
Summary
Gets the TUser model for the user who is impersonating CurrentUser.
Value
The TUser model for the user who is impersonating CurrentUser.
CurrentUserId
Summary
Gets the current user id.
Value
The current user id.
Methods
ChangePassword(userId,newPassword)
Summary
Changes password for a user that has the specified id.
Returns
true if password is changed; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| newPassword | System.String | The new password. |
Exceptions
| Type | Description |
|---|---|
| System.InvalidOperationException | When parameter userId is the same as CurrentUserId. | |
| System.ArgumentNullException | When userId is null or default, or new password is null or whitespace. |
Remarks
Use this method for admins/managers to allow them to reset password for their subordinates without needing to verify their existing password. A successful call also resets PasswordExpiredAt to the value determined by GetPasswordExpirationIntervalInDays. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user.
ChangePassword(userId,currentPassword,newPassword)
Summary
Changes password for a user that has the specified id.
Returns
true if password is changed; otherwise false (which may mean that either the currentPassword or the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| currentPassword | System.String | The current password. |
| newPassword | System.String | The new password. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default, or current/new password is null or whitespace. |
Remarks
A successful call also resets PasswordExpiredAt to the value determined by GetPasswordExpirationIntervalInDays. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user other than the current session.
ChangeUsername(userId,password,newUsername)
Summary
Changes username of a user that has the specified id.
Returns
Success if new username is successfully changed; otherwise, DoNotExist if username doesn’t exist, InvalidPassword if the password did not match or AlreadyExists if the new username already belongs to some other user.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| password | System.String | Password associated with the specified username to authorize the change. |
| newUsername | System.String | The username to change with. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default, or password or newUsername is null or whitespace. |
SetSuspensionStatus(userId,suspended,reason)
Summary
Sets the suspension status of a user.
Returns
true if suspension status is updated; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | Identifier of the user whose suspension status is to be updated. |
| suspended | System.Boolean | Specifies suspension status . True means user is suspended while false means user is activated. |
| reason | System.String | Optional. Reason of suspension. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
This method updates Suspended with the value you provide for the user that has the specified user id. Depending on the status value, it also sets or resets SuspensionReason and SuspensionDate. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user so as to enforce suspension immediately.
SetPasswordBlocked(userId,passwordBlocked,reason)
Summary
Sets the passwordBlocked status of a user.
Returns
true if passwordBlocked status is updated; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | Identifier of the user whose passwordBlocked status is to be updated. |
| passwordBlocked | System.Boolean | Specifies passwordBlocked status . |
| reason | System.String | Reason of blocking password. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
This method updates PasswordBlocked with the value you provide for the user that has the specified user id. Depending on the status value, it also sets or resets PasswordBlockedReason and PasswordBlockedDate.
IsAuthorized(permissionCode,entityId)
Summary
Determines whether the current user is authorized for the specified permission on an entity instance represented by the specified id.
Returns
true if the current user is authorized for the specified permission; otherwise, false.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | A permission code representing an action on an entity type– case-insensitive. |
| entityId | TEntityId | The entity instance id. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When permissionCode is null or whitespace. |
Remarks
This method skips check for entity instance if user has a general permission for this permissionCode. This way, you can actually grant “editPost” permission to a special set of users (say moderators) on all entity instances of type post.
GetAuthorizedEntities(permissionCode)
Summary
Gets the keys (ids) of entity instances on which current user is authorized for the specified permission.
Returns
The keys (ids) of entity instances on which current user is authorized for the specified permission.
Parameters
| Name | Type | Description |
|---|---|---|
| permissionCode | System.String | A permission code representing an action on an entity type– case-insensitive. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When permissionCode is null or whitespace. |
Remarks
You should use this method for listing pages where a set of entities needs to be loaded and displayed. The return keys of this method can be passed as a parameter to a database call to retrieve only those entities for which user has authorization. Therefore it reduces database traffic and increases speed of your application.
GetUser(username)
Summary
Gets the TUser model for the user that has the specified username.
Returns
The TUser model for the user that has the specified username.
Parameters
| Name | Type | Description |
|---|---|---|
| username | System.String | The username. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When username is null or whitespace. |
GetUser(userId)
Summary
Gets the TUser model for the user that has the specified userId.
Returns
The TUser model for the user that has the specified userId.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | The user id. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
NewUser(username,password,name)
Summary
creates a new user model instance initialized with several IUser properties, including HashedPassword (using IHashService – recommended default is PBKDF2HashService that uses salted PBKDF2-SHA1 hashing algorithm), PasswordResetToken and VerificationToken (with NewGuid), PasswordExpiredAt (using GetPasswordExpirationIntervalInDays), etc.
Returns
A new user model instance.
Parameters
| Name | Type | Description |
|---|---|---|
| username | System.String | The login username; must be unique. |
| password | System.String | The password. |
| name | System.String | The name of the user. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When username or password is null or whitespace. |
Remarks
Use this method in conjunction with CreateAccount during sign up/add new user process. First call this method and set any property you want on the returned TUser model. After that, call the CreateAccount method passing the model.
CreateAccount(model)
Summary
Completes the new user registration process.
Returns
true if user model is saved successfully; otherwise false.
Parameters
| Name | Type | Description |
|---|---|---|
| model | TUser | The user model. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When model is null. |
Remarks
Use this method in conjunction with NewUser during sign up/add new user process. First call NewUser method and set any property you want on the returned TUser model. After that, call the CreateAccount method passing the model.
Load(userId)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified userId.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | The logged in userId. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
| System.InvalidOperationException | When user couldn’t be loaded – likely because userId doesn’t exist or is marked suspended. |
Remarks
Call this method on session_start if the user is already authenticated.
Load(auth,letSuspended)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified identity token.
Returns
DoNotExist if user not found. Suspended if user is suspended and letSuspended is false; otherwise, Success.
Parameters
| Name | Type | Description |
|---|---|---|
| auth | ASPSecurityKit.IAuthDetails<TId> | An identity token details object. |
| letSuspended | System.Boolean | If set to false and the specified user is found suspended, forbids loading and returns Suspended; otherwise, loads the user. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When auth is null. |
| System.InvalidOperationException | When auth returns both userId and permitGroupId as null. Or when specified userId doesn’t exist or is marked suspended. |
Remarks
Call this method when you’ve already established the authentication (via some identity token protocol, for example). It reads authUrn, userId, permitGroupId and impersonatedUserId from auth details and load data accordingly. For instance, if permitGroupId is present, ensures that permissions are only loaded for that group and not whole of userId’s permits. In case of null userId, it considers that the identity token being loaded has no associated user so just need to load permissions for the specified permitGroupId along with a fake user. If impersonatedUserId is present, it considers that the identity token being loaded is a bound impersonated session (which exists only for impersonation; doesn’t allow stop/changing impersonation); therefore, it starts impersonation by calling Impersonate immediately after loading the user.
Load(userId,letSuspended)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified userId.
Returns
DoNotExist if user not found. Suspended if user is suspended and letSuspended is false; otherwise, Success.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| letSuspended | System.Boolean | If set to false and the specified user is found suspended, forbids loading and returns Suspended; otherwise, loads the user. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
Call this method on session_start if the user is already authenticated.
SetAuthDetails(auth)
Summary
Initializes values for the current identity.
Parameters
| Name | Type | Description |
|---|---|---|
| auth | ASPSecurityKit.IAuthDetails<TId> | Details related to the current identity. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When auth is null. |
| System.InvalidOperationException | When the supplied authUrn is different from the already known authUrn (not when the current authUrn is not set). |
Remarks
Current implementation only captures AuthUrn and PermitGroupId. If PermitGroupId is different from the internal one, RefreshPermissions will be called. A use case of this method is post login to initialize authUrn related to the newly initialized session. Login calls this for the same purpose. If you want to initialize completely new identity, you should use Load instead. You can also use this method to change permit context post login if you give such an option to the user.
Impersonate(userId)
Summary
Impersonates a user that has the specified userId. As such, the current user transforms into this new user; actions are verified against this new user’s permissions.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
| System.InvalidOperationException | When UserId doesn’t exist or the current session is a bound impersonated session (initialized with ImpersonatedUserId). | |
Remarks
If impersonation is already active, the identity of the ImpersonatingUser is still maintained and impersonation only switches to next user to be impersonated. Suspension check is skipped for the user being impersonated. Note: this should be an admin-level privilege and should be protected from being miss use.
GeneratePasswordResetToken(userId)
Summary
Generates the password reset token for the specified userId.
Returns
If a user with the specified userId exists, returns the Generated password reset token that can be safely embedded as a part of a URL, otherwise, returns null.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
GenerateVerificationToken(userId,resetVerification)
Summary
Generates the verification token for the specified userId.
Returns
If a user with the specified userId exists, returns the Generated verification token that can be safely embedded as a part of a URL, otherwise, returns null.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| resetVerification | System.Boolean | Tells whether to reset Verified property to false. The default is true (user state is changed to “unverified”.) |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
GetStorageData()
Summary
Gets the data in session related to the current identity.
Returns
The data in session related to the current identity.
Parameters
This method has no parameters.
Remarks
Override this method and return any other data you’ve added directly onto the ISessionService for the current user. It is however advised to manage additional data on the user data store available with methods like PutData. In which case you don’t need to override this or SetStorageData as it’d be automatically managed.
SetStorageData(details)
Summary
Overrides the existing data in session related to the current identity.
Parameters
| Name | Type | Description |
|---|---|---|
| details | ASPSecurityKit.UserServiceSessionDetails<TId, TUser> | Object containing session data to override. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When details is null. |
Remarks
Override this method and set any other data you’ve captured previously with GetStorageData. It is however advised to manage additional data on the user data store available with methods like PutData. In which case you don’t need to override this or GetStorageData as it’d be automatically managed.
ChangePasswordAsync(userId,newPassword)
Summary
Changes password for a user that has the specified id.
Returns
true if password is changed; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| newPassword | System.String | The new password. |
Exceptions
| Type | Description |
|---|---|
| System.InvalidOperationException | When parameter userId is the same as CurrentUserId. | |
| System.ArgumentNullException | When userId is null or default, or new password is null or whitespace. |
Remarks
Use this method for admins/managers to allow them to reset password for their subordinates without needing to verify their existing password. A successful call also resets PasswordExpiredAt to the value determined by GetPasswordExpirationIntervalInDays. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user.
ChangePasswordAsync(userId,newPassword,cancellationToken)
Summary
Changes password for a user that has the specified id.
Returns
true if password is changed; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| newPassword | System.String | The new password. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.InvalidOperationException | When parameter userId is the same as CurrentUserId. | |
| System.ArgumentNullException | When userId is null or default, or new password is null or whitespace. |
Remarks
Use this method for admins/managers to allow them to reset password for their subordinates without needing to verify their existing password. A successful call also resets PasswordExpiredAt to the value determined by GetPasswordExpirationIntervalInDays. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user.
ChangePasswordAsync(userId,currentPassword,newPassword)
Summary
Changes password for a user that has the specified id.
Returns
true if password is changed; otherwise false (which may mean that either the currentPassword or the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| currentPassword | System.String | The current password. |
| newPassword | System.String | The new password. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default, or current/new password is null or whitespace. |
Remarks
A successful call also resets PasswordExpiredAt to the value determined by GetPasswordExpirationIntervalInDays. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user other than the current session.
ChangePasswordAsync(userId,currentPassword,newPassword,cancellationToken)
Summary
Changes password for a user that has the specified id.
Returns
true if password is changed; otherwise false (which may mean that either the currentPassword or the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| currentPassword | System.String | The current password. |
| newPassword | System.String | The new password. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default, or current/new password is null or whitespace. |
Remarks
A successful call also resets PasswordExpiredAt to the value determined by GetPasswordExpirationIntervalInDays. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user other than the current session.
ChangeUsernameAsync(userId,password,newUsername)
Summary
Changes username of a user that has the specified id.
Returns
Success if new username is successfully changed; otherwise, DoNotExist if username doesn’t exist, InvalidPassword if the password did not match or AlreadyExists if the new username already belongs to some other user.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| password | System.String | Password associated with the specified username to authorize the change. |
| newUsername | System.String | The username to change with. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default, or password or newUsername is null or whitespace. |
ChangeUsernameAsync(userId,password,newUsername,cancellationToken)
Summary
Changes username of a user that has the specified id.
Returns
Success if new username is successfully changed; otherwise, DoNotExist if username doesn’t exist, InvalidPassword if the password did not match or AlreadyExists if the new username already belongs to some other user.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| password | System.String | Password associated with the specified username to authorize the change. |
| newUsername | System.String | The username to change with. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default, or password or newUsername is null or whitespace. |
SetSuspensionStatusAsync(userId,suspended,reason)
Summary
Sets the suspension status of a user.
Returns
true if suspension status is updated; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | Identifier of the user whose suspension status is to be updated. |
| suspended | System.Boolean | Specifies suspension status . True means user is suspended while false means user is activated. |
| reason | System.String | Optional. Reason of suspension. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
This method updates Suspended with the value you provide for the user that has the specified user id. Depending on the status value, it also sets or resets SuspensionReason and SuspensionDate. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user so as to enforce suspension immediately.
SetSuspensionStatusAsync(userId,suspended,cancellationToken,reason)
Summary
Sets the suspension status of a user.
Returns
true if suspension status is updated; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | Identifier of the user whose suspension status is to be updated. |
| suspended | System.Boolean | Specifies suspension status . True means user is suspended while false means user is activated. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
| reason | System.String | Optional. Reason of suspension. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
This method updates Suspended with the value you provide for the user that has the specified user id. Depending on the status value, it also sets or resets SuspensionReason and SuspensionDate. Additionally, it makes call to ExpireUserSessions to expire all active sessions related to the user so as to enforce suspension immediately.
SetPasswordBlockedAsync(userId,passwordBlocked,reason)
Summary
Sets the passwordBlocked status of a user.
Returns
true if passwordBlocked status is updated; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | Identifier of the user whose passwordBlocked status is to be updated. |
| passwordBlocked | System.Boolean | Specifies passwordBlocked status . |
| reason | System.String | Reason of blocking password. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
This method updates PasswordBlocked with the value you provide for the user that has the specified user id. Depending on the status value, it also sets or resets PasswordBlockedReason and PasswordBlockedDate.
SetPasswordBlockedAsync(userId,passwordBlocked,reason,cancellationToken)
Summary
Sets the passwordBlocked status of a user.
Returns
true if passwordBlocked status is updated; otherwise false (which means the userId is not valid.)
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | Identifier of the user whose passwordBlocked status is to be updated. |
| passwordBlocked | System.Boolean | Specifies passwordBlocked status . |
| reason | System.String | Reason of blocking password. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
This method updates PasswordBlocked with the value you provide for the user that has the specified user id. Depending on the status value, it also sets or resets PasswordBlockedReason and PasswordBlockedDate.
GetUserAsync(username)
Summary
Gets the TUser model for the user that has the specified username.
Returns
The TUser model for the user that has the specified username.
Parameters
| Name | Type | Description |
|---|---|---|
| username | System.String | The username. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When username is null or whitespace. |
GetUserAsync(username,cancellationToken)
Summary
Gets the TUser model for the user that has the specified username.
Returns
The TUser model for the user that has the specified username.
Parameters
| Name | Type | Description |
|---|---|---|
| username | System.String | The username. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When username is null or whitespace. |
GetUserAsync(userId)
Summary
Gets the TUser model for the user that has the specified userId.
Returns
The TUser model for the user that has the specified userId.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | The user id. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
GetUserAsync(userId,cancellationToken)
Summary
Gets the TUser model for the user that has the specified userId.
Returns
The TUser model for the user that has the specified userId.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | The user id. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
NewUserAsync(username,password,name)
Summary
creates a new user model instance initialized with several IUser properties, including HashedPassword (using IHashService – recommended default is PBKDF2HashService that uses salted PBKDF2-SHA1 hashing algorithm), PasswordResetToken and VerificationToken (with NewGuid), PasswordExpiredAt (using GetPasswordExpirationIntervalInDays), etc.
Returns
A new user model instance.
Parameters
| Name | Type | Description |
|---|---|---|
| username | System.String | The login username; must be unique. |
| password | System.String | The password. |
| name | System.String | The name of the user. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When username or password is null or whitespace. |
Remarks
Use this method in conjunction with CreateAccount during sign up/add new user process. First call this method and set any property you want on the returned TUser model. After that, call the CreateAccount method passing the model.
NewUserAsync(username,password,name,cancellationToken)
Summary
creates a new user model instance initialized with several IUser properties, including HashedPassword (using IHashService – recommended default is PBKDF2HashService that uses salted PBKDF2-SHA1 hashing algorithm), PasswordResetToken and VerificationToken (with NewGuid), PasswordExpiredAt (using GetPasswordExpirationIntervalInDays), etc.
Returns
A new user model instance.
Parameters
| Name | Type | Description |
|---|---|---|
| username | System.String | The login username; must be unique. |
| password | System.String | The password. |
| name | System.String | The name of the user. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When username or password is null or whitespace. |
Remarks
Use this method in conjunction with CreateAccount during sign up/add new user process. First call this method and set any property you want on the returned TUser model. After that, call the CreateAccount method passing the model.
CreateAccountAsync(model)
Summary
Completes the new user registration process.
Returns
true if user model is saved successfully; otherwise false.
Parameters
| Name | Type | Description |
|---|---|---|
| model | TUser | The user model. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When model is null. |
Remarks
Use this method in conjunction with NewUser during sign up/add new user process. First call NewUser method and set any property you want on the returned TUser model. After that, call the CreateAccount method passing the model.
CreateAccountAsync(model,cancellationToken)
Summary
Completes the new user registration process.
Returns
true if user model is saved successfully; otherwise false.
Parameters
| Name | Type | Description |
|---|---|---|
| model | TUser | The user model. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When model is null. |
Remarks
Use this method in conjunction with NewUser during sign up/add new user process. First call NewUser method and set any property you want on the returned TUser model. After that, call the CreateAccount method passing the model.
LoadAsync(userId)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified userId.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | The logged in userId. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
| System.InvalidOperationException | When user couldn’t be loaded – likely because userId doesn’t exist or is marked suspended. |
Remarks
Call this method on session_start if the user is already authenticated.
LoadAsync(userId,cancellationToken)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified userId.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | The logged in userId. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
| System.InvalidOperationException | When user couldn’t be loaded – likely because userId doesn’t exist or is marked suspended. |
Remarks
Call this method on session_start if the user is already authenticated.
LoadAsync(auth,letSuspended)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified identity token.
Returns
DoNotExist if user not found. Suspended if user is suspended and letSuspended is false; otherwise, Success.
Parameters
| Name | Type | Description |
|---|---|---|
| auth | ASPSecurityKit.IAuthDetails<TId> | An identity token details object. |
| letSuspended | System.Boolean | If set to false and the specified user is found suspended, forbids loading and returns Suspended; otherwise, loads the user. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When auth is null. |
| System.InvalidOperationException | When auth returns both userId and permitGroupId as null. Or when specified userId doesn’t exist or is marked suspended. |
Remarks
Call this method when you’ve already established the authentication (via some identity token protocol, for example). It reads authUrn, userId, permitGroupId and impersonatedUserId from auth details and load data accordingly. For instance, if permitGroupId is present, ensures that permissions are only loaded for that group and not whole of userId’s permits. In case of null userId, it considers that the identity token being loaded has no associated user so just need to load permissions for the specified permitGroupId along with a fake user. If impersonatedUserId is present, it considers that the identity token being loaded is a bound impersonated session (which exists only for impersonation; doesn’t allow stop/changing impersonation); therefore, it starts impersonation by calling Impersonate immediately after loading the user.
LoadAsync(auth,letSuspended,cancellationToken)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified identity token.
Returns
DoNotExist if user not found. Suspended if user is suspended and letSuspended is false; otherwise, Success.
Parameters
| Name | Type | Description |
|---|---|---|
| auth | ASPSecurityKit.IAuthDetails<TId> | An identity token details object. |
| letSuspended | System.Boolean | If set to false and the specified user is found suspended, forbids loading and returns Suspended; otherwise, loads the user. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When auth is null. |
| System.InvalidOperationException | When auth returns both userId and permitGroupId as null. Or when specified userId doesn’t exist or is marked suspended. |
Remarks
Call this method when you’ve already established the authentication (via some identity token protocol, for example). It reads authUrn, userId, permitGroupId and impersonatedUserId from auth details and load data accordingly. For instance, if permitGroupId is present, ensures that permissions are only loaded for that group and not whole of userId’s permits. In case of null userId, it considers that the identity token being loaded has no associated user so just need to load permissions for the specified permitGroupId along with a fake user. If impersonatedUserId is present, it considers that the identity token being loaded is a bound impersonated session (which exists only for impersonation; doesn’t allow stop/changing impersonation); therefore, it starts impersonation by calling Impersonate immediately after loading the user.
LoadAsync(userId,letSuspended)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified userId.
Returns
DoNotExist if user not found. Suspended if user is suspended and letSuspended is false; otherwise, Success.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| letSuspended | System.Boolean | If set to false and the specified user is found suspended, forbids loading and returns Suspended; otherwise, loads the user. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
Call this method on session_start if the user is already authenticated.
LoadAsync(userId,letSuspended,cancellationToken)
Summary
Loads the user data into memory – IUser<TId> model and permissions for the specified userId.
Returns
DoNotExist if user not found. Suspended if user is suspended and letSuspended is false; otherwise, Success.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| letSuspended | System.Boolean | If set to false and the specified user is found suspended, forbids loading and returns Suspended; otherwise, loads the user. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
Remarks
Call this method on session_start if the user is already authenticated.
SetAuthDetailsAsync(auth)
Summary
Initializes values for the current identity.
Parameters
| Name | Type | Description |
|---|---|---|
| auth | ASPSecurityKit.IAuthDetails<TId> | Details related to the current identity. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When auth is null. |
| System.InvalidOperationException | When the supplied authUrn is different from the already known authUrn (not when the current authUrn is not set). |
Remarks
Current implementation only captures AuthUrn and PermitGroupId. If PermitGroupId is different from the internal one, RefreshPermissions will be called. A use case of this method is post login to initialize authUrn related to the newly initialized session. Login calls this for the same purpose. If you want to initialize completely new identity, you should use Load instead. You can also use this method to change permit context post login if you give such an option to the user.
SetAuthDetailsAsync(auth,cancellationToken)
Summary
Initializes values for the current identity.
Parameters
| Name | Type | Description |
|---|---|---|
| auth | ASPSecurityKit.IAuthDetails<TId> | Details related to the current identity. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When auth is null. |
| System.InvalidOperationException | When the supplied authUrn is different from the already known authUrn (not when the current authUrn is not set). |
Remarks
Current implementation only captures AuthUrn and PermitGroupId. If PermitGroupId is different from the internal one, RefreshPermissions will be called. A use case of this method is post login to initialize authUrn related to the newly initialized session. Login calls this for the same purpose. If you want to initialize completely new identity, you should use Load instead. You can also use this method to change permit context post login if you give such an option to the user.
ImpersonateAsync(userId)
Summary
Impersonates a user that has the specified userId. As such, the current user transforms into this new user; actions are verified against this new user’s permissions.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
| System.InvalidOperationException | When UserId doesn’t exist or the current session is a bound impersonated session (initialized with ImpersonatedUserId). | |
Remarks
If impersonation is already active, the identity of the ImpersonatingUser is still maintained and impersonation only switches to next user to be impersonated. Suspension check is skipped for the user being impersonated. Note: this should be an admin-level privilege and should be protected from being miss use.
ImpersonateAsync(userId,cancellationToken)
Summary
Impersonates a user that has the specified userId. As such, the current user transforms into this new user; actions are verified against this new user’s permissions.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
| System.InvalidOperationException | When UserId doesn’t exist or the current session is a bound impersonated session (initialized with ImpersonatedUserId). | |
Remarks
If impersonation is already active, the identity of the ImpersonatingUser is still maintained and impersonation only switches to next user to be impersonated. Suspension check is skipped for the user being impersonated. Note: this should be an admin-level privilege and should be protected from being miss use.
GeneratePasswordResetTokenAsync(userId)
Summary
Generates the password reset token for the specified userId.
Returns
If a user with the specified userId exists, returns the Generated password reset token that can be safely embedded as a part of a URL, otherwise, returns null.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
GeneratePasswordResetTokenAsync(userId,cancellationToken)
Summary
Generates the password reset token for the specified userId.
Returns
If a user with the specified userId exists, returns the Generated password reset token that can be safely embedded as a part of a URL, otherwise, returns null.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
GenerateVerificationTokenAsync(userId,resetVerification)
Summary
Generates the verification token for the specified userId.
Returns
If a user with the specified userId exists, returns the Generated verification token that can be safely embedded as a part of a URL, otherwise, returns null.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| resetVerification | System.Boolean | Tells whether to reset Verified property to false. The default is true (user state is changed to “unverified”.) |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
GenerateVerificationTokenAsync(userId,cancellationToken,resetVerification)
Summary
Generates the verification token for the specified userId.
Returns
If a user with the specified userId exists, returns the Generated verification token that can be safely embedded as a part of a URL, otherwise, returns null.
Parameters
| Name | Type | Description |
|---|---|---|
| userId | TId | A valid user identifier. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
| resetVerification | System.Boolean | Tells whether to reset Verified property to false. The default is true (user state is changed to “unverified”.) |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When userId is null or default. |
GetStorageDataAsync()
Summary
Gets the data in session related to the current identity.
Returns
The data in session related to the current identity.
Parameters
This method has no parameters.
Remarks
Override this method and return any other data you’ve added directly onto the ISessionService for the current user. It is however advised to manage additional data on the user data store available with methods like PutData. In which case you don’t need to override this or SetStorageData as it’d be automatically managed.
GetStorageDataAsync(cancellationToken)
Summary
Gets the data in session related to the current identity.
Returns
The data in session related to the current identity.
Parameters
| Name | Type | Description |
|---|---|---|
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Remarks
Override this method and return any other data you’ve added directly onto the ISessionService for the current user. It is however advised to manage additional data on the user data store available with methods like PutData. In which case you don’t need to override this or SetStorageData as it’d be automatically managed.
SetStorageDataAsync(details)
Summary
Overrides the existing data in session related to the current identity.
Parameters
| Name | Type | Description |
|---|---|---|
| details | ASPSecurityKit.UserServiceSessionDetails<TId, TUser> | Object containing session data to override. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When details is null. |
Remarks
Override this method and set any other data you’ve captured previously with GetStorageData. It is however advised to manage additional data on the user data store available with methods like PutData. In which case you don’t need to override this or GetStorageData as it’d be automatically managed.
SetStorageDataAsync(details,cancellationToken)
Summary
Overrides the existing data in session related to the current identity.
Parameters
| Name | Type | Description |
|---|---|---|
| details | ASPSecurityKit.UserServiceSessionDetails<TId, TUser> | Object containing session data to override. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When details is null. |
Remarks
Override this method and set any other data you’ve captured previously with GetStorageData. It is however advised to manage additional data on the user data store available with methods like PutData. In which case you don’t need to override this or GetStorageData as it’d be automatically managed.