TD-3734-Concurrent session-SIT fixes

LearningHub.Nhs.WebUI/Controllers/HomeController.cs

@@ -6,6 +6,7 @@ namespace LearningHub.Nhs.WebUI.Controllers
     using System.Linq;
     using System.Net.Http;
     using System.Threading.Tasks;
+    using AspNetCoreRateLimit;
     using elfhHub.Nhs.Models.Common;
     using elfhHub.Nhs.Models.Enums;
     using LearningHub.Nhs.Models.Content;
@@ -26,6 +27,7 @@ namespace LearningHub.Nhs.WebUI.Controllers
     using Microsoft.Extensions.Logging;
     using Microsoft.Extensions.Options;
     using Microsoft.FeatureManagement;
+    using UAParser;
     using Settings = LearningHub.Nhs.WebUI.Configuration.Settings;
 
     /// <summary>
@@ -206,43 +208,54 @@ public async Task<IActionResult> Index(string myLearningDashboard = "my-in-progr
         {
             if (this.User?.Identity.IsAuthenticated == true)
             {
-                this.Settings.ConcurrentId = this.CurrentUserId;
-                this.Logger.LogInformation("User is authenticated: User is {fullname} and userId is: {lhuserid}", this.User.Identity.GetCurrentName(), this.User.Identity.GetCurrentUserId());
-                if (this.User.IsInRole("Administrator") || this.User.IsInRole("BlueUser") || this.User.IsInRole("ReadOnly") || this.User.IsInRole("BasicUser"))
+                var userHistoryDetail = await this.userService.CheckUserHasAnActiveSessionAsync(this.CurrentUserId);
+                var uaParser = Parser.GetDefault();
+                var clientInfo = uaParser.Parse(this.Request.Headers["User-Agent"]);
+
+                if (userHistoryDetail.Items.Count == 0 || userHistoryDetail.Items[0].BrowserName == clientInfo.UA.Family)
                 {
-                    var learningTask = this.dashboardService.GetMyAccessLearningsAsync(myLearningDashboard, 1);
-                    var resourcesTask = this.dashboardService.GetResourcesAsync(resourceDashboard, 1);
-                    var cataloguesTask = this.dashboardService.GetCataloguesAsync(catalogueDashboard, 1);
-
-                    var enrolledCoursesTask = Task.FromResult(new List<MoodleCourseResponseViewModel>());
-                    var enableMoodle = Task.Run(() => this.featureManager.IsEnabledAsync(FeatureFlags.EnableMoodle)).Result;
-                    this.ViewBag.EnableMoodle = enableMoodle;
-                    this.ViewBag.ValidMoodleUser = this.CurrentMoodleUserId > 0;
-                    if (enableMoodle && myLearningDashboard == "my-enrolled-courses")
+                    this.Settings.ConcurrentId = this.CurrentUserId;
+                    this.Logger.LogInformation("User is authenticated: User is {fullname} and userId is: {lhuserid}", this.User.Identity.GetCurrentName(), this.User.Identity.GetCurrentUserId());
+                    if (this.User.IsInRole("Administrator") || this.User.IsInRole("BlueUser") || this.User.IsInRole("ReadOnly") || this.User.IsInRole("BasicUser"))
                     {
-                       enrolledCoursesTask = this.dashboardService.GetEnrolledCoursesFromMoodleAsync(this.CurrentMoodleUserId, 1);
+                        var learningTask = this.dashboardService.GetMyAccessLearningsAsync(myLearningDashboard, 1);
+                        var resourcesTask = this.dashboardService.GetResourcesAsync(resourceDashboard, 1);
+                        var cataloguesTask = this.dashboardService.GetCataloguesAsync(catalogueDashboard, 1);
+
+                        var enrolledCoursesTask = Task.FromResult(new List<MoodleCourseResponseViewModel>());
+                        var enableMoodle = Task.Run(() => this.featureManager.IsEnabledAsync(FeatureFlags.EnableMoodle)).Result;
+                        this.ViewBag.EnableMoodle = enableMoodle;
+                        this.ViewBag.ValidMoodleUser = this.CurrentMoodleUserId > 0;
+                        if (enableMoodle && myLearningDashboard == "my-enrolled-courses")
+                        {
+                            enrolledCoursesTask = this.dashboardService.GetEnrolledCoursesFromMoodleAsync(this.CurrentMoodleUserId, 1);
+                        }
+
+                        await Task.WhenAll(learningTask, resourcesTask, cataloguesTask);
+
+                        var model = new DashboardViewModel()
+                        {
+                            MyLearnings = await learningTask,
+                            Resources = await resourcesTask,
+                            Catalogues = await cataloguesTask,
+                            EnrolledCourses = await enrolledCoursesTask,
+                        };
+
+                        if (!string.IsNullOrEmpty(this.Request.Query["preview"]) && Convert.ToBoolean(this.Request.Query["preview"]))
+                        {
+                            return this.View("LandingPage", await this.GetLandingPageContent(Convert.ToBoolean(this.Request.Query["preview"])));
+                        }
+
+                        return this.View("Dashboard", model);
                     }
-
-                    await Task.WhenAll(learningTask, resourcesTask, cataloguesTask);
-
-                    var model = new DashboardViewModel()
+                    else
                     {
-                        MyLearnings = await learningTask,
-                        Resources = await resourcesTask,
-                        Catalogues = await cataloguesTask,
-                        EnrolledCourses = await enrolledCoursesTask,
-                    };
-
-                    if (!string.IsNullOrEmpty(this.Request.Query["preview"]) && Convert.ToBoolean(this.Request.Query["preview"]))
-                    {
-                        return this.View("LandingPage", await this.GetLandingPageContent(Convert.ToBoolean(this.Request.Query["preview"])));
+                        return this.RedirectToAction("InvalidUserAccount", "Account");
                     }
-
-                    return this.View("Dashboard", model);
                 }
                 else
                 {
-                    return this.RedirectToAction("InvalidUserAccount", "Account");
+                    return this.RedirectToAction("AlreadyAnActiveSession", "Account");
                 }
             }
             else

LearningHub.Nhs.WebUI/Interfaces/IUserService.cs

@@ -465,6 +465,13 @@ public interface IUserService
         /// <returns>providers.</returns>
         Task<List<ProviderViewModel>> GetProvidersByUserIdAsync(int userId);
 
+        /// <summary>
+        /// To Check User Has An ActiveSession.
+        /// </summary>
+        /// <param name="userId">The userId.</param>
+        /// <returns>A <see cref="Task{TResult}"/> representing the result of the asynchronous operation.</returns>
+        Task<PagedResultSet<UserHistoryViewModel>> CheckUserHasAnActiveSessionAsync(int userId);
+
         /// <summary>
         /// To get the Base64MD5HashDigest value.
         /// </summary>

LearningHub.Nhs.WebUI/LearningHub.Nhs.WebUI.csproj

@@ -143,6 +143,7 @@
 		</PackageReference>
 		<PackageReference Include="NLog.Schema" Version="5.3.4" />
 		<PackageReference Include="NLog.Web.AspNetCore" Version="4.15.0" />
+		<PackageReference Include="UAParser" Version="3.1.47" />
 		<PackageReference Include="UK.NHS.CookieBanner" Version="2.0.7" />
 	</ItemGroup>
 

LearningHub.Nhs.WebUI/Services/UserService.cs

@@ -1864,6 +1864,30 @@ public async Task<List<ProviderViewModel>> GetProvidersByUserIdAsync(int userId)
             return viewmodel;
         }
 
+        /// <inheritdoc/>
+        public async Task<PagedResultSet<UserHistoryViewModel>> CheckUserHasAnActiveSessionAsync(int userId)
+        {
+            PagedResultSet<UserHistoryViewModel> userHistoryViewModel = new PagedResultSet<UserHistoryViewModel>();
+
+            var client = await this.userApiHttpClient.GetClientAsync();
+            var request = $"UserHistory/CheckUserHasActiveSession/{userId}";
+            var response = await client.GetAsync(request).ConfigureAwait(false);
+
+            if (response.IsSuccessStatusCode)
+            {
+                var result = await response.Content.ReadAsStringAsync();
+                userHistoryViewModel = JsonConvert.DeserializeObject<PagedResultSet<UserHistoryViewModel>>(result);
+            }
+            else if (response.StatusCode == HttpStatusCode.Unauthorized || response.StatusCode == HttpStatusCode.Forbidden)
+            {
+                throw new Exception("AccessDenied");
+            }
+
+            return userHistoryViewModel;
+        }
+
+
+
         /// <summary>
         /// The base 64 m d 5 hash digest.
         /// </summary>

LearningHub.Nhs.WebUI/Views/Account/AlreadyAnActiveSession.cshtml

@@ -0,0 +1,15 @@
+@{
+    ViewData["Title"] = "Already active session";
+}
+<div class="bg-white">
+    <div class="nhsuk-width-container app-width-container">
+        <div class="nhsuk-grid-row">
+            <div class="nhsuk-grid-column-full nhsuk-u-padding-top-9 nhsuk-u-padding-bottom-7">
+                <h1 class="nhsuk-heading-xl"> @ViewData["Title"]</h1>
+                <p>You are already logged in from another browser. Please continue using the same browser or close the existing session and try again with a new one.</p>
+                <p>If you have any questions, please contact the <a href="@ViewBag.SupportFormUrl" target="_blank">support team</a>.</p>
+                <p>@DateTimeOffset.Now.ToString("d MMMM yyyy HH:mm:ss")</p>
+            </div>
+        </div>
+    </div>
+</div>