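/// <summary>
/// Handles a login request: looks the account up by e-mail, checks the supplied password
/// against the stored hash and, for a registered account, authenticates the web session and
/// seeds it with the welcome alert, display name, account record and role mask.
/// </summary>
/// <param name="proc">Semantic processor; supplies the service manager.</param>
/// <param name="membrane">Membrane the message arrived on (not used here).</param>
/// <param name="login">Login message carrying the e-mail, password and request context.</param>
/// <remarks>
/// The JSON 'state' sent back is one of OK, RegisterFirst, BadAccount or NotFound.
/// </remarks>
public void Process(ISemanticProcessor proc, IMembrane membrane, Login login)
        {
            IDbContextService db      = proc.ServiceManager.Get<IDbContextService>();
            List<UserAccount> matches = db.Context.Query<UserAccount>(r => r.Email == login.Email);

            // Zero matches and (unexpected) duplicate matches are both reported as NotFound.
            // NOTE(review): NotFound, BadAccount and RegisterFirst let a caller tell an unknown
            // e-mail from a wrong password from an unregistered account, and the unknown-e-mail
            // path returns without doing any password hashing, so response time may differ too.
            // Confirm the client really needs the distinct states, and that failed attempts are
            // rate-limited and logged somewhere outside this handler.
            if (matches.Count != 1)
            {
                JsonResponse(proc, login, "{'state': 'NotFound'}");
                return;
            }

            UserAccount account = matches[0];

            if (!PasswordHash.ValidatePassword(login.Password, account.PasswordHash))
            {
                JsonResponse(proc, login, "{'state': 'BadAccount'}");
                return;
            }

            if (!account.Registered)
            {
                JsonResponse(proc, login, "{'state': 'RegisterFirst'}");
                return;
            }

            // One lookup of the session service is enough; the original fetched it twice.
            IWebSessionService session = proc.ServiceManager.Get<IWebSessionService>();

            // NOTE(review): Authenticate is applied to the existing session context; whether the
            // session identifier is rotated at login is not visible here -- confirm.
            session.Authenticate(login.Context);

            // Populate the session BEFORE reporting success, so the client is never told 'OK'
            // while the session still lacks the RoleMask / UserAccount that later requests read.
            session.SetSessionObject(login.Context, "OneTimeAlert", "Welcome Back " + account.FirstName + "!");
            session.SetSessionObject(login.Context, "UserName", account.FullName);
            session.SetSessionObject(login.Context, "UserAccount", account);
            session.SetSessionObject(login.Context, "RoleMask", account.RoleMask);

            JsonResponse(proc, login, "{'state': 'OK'}");
        }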
Beispiel #2
        /// <summary>
        /// Workflow step that runs the HTML response through the template engine, exposing the
        /// session service, the request context, the application configuration and every entry
        /// of appTemplateObjects to the template under their respective names.
        /// </summary>
        /// <param name="wc">Workflow continuation (not used here).</param>
        /// <param name="data">Post-route data whose HtmlResponse.Html is rendered in place.</param>
        /// <returns>Always <c>WorkflowState.Continue</c>, whether or not rendering succeeded.</returns>
        protected WorkflowState PostRouterRendering(WorkflowContinuation<PostRouteWorkflowData> wc, PostRouteWorkflowData data)
        {
            string html = data.HtmlResponse.Html;
            IWebSessionService webSession = ServiceManager.Get<IWebSessionService>();

            // Names and values are parallel lists: names[i] is how the template refers to values[i].
            // NOTE(review): the template can reach the session service, the context and the app
            // configuration; if any part of the HTML is user-influenced this is a template-injection
            // surface -- confirm templates only come from trusted files.
            List<string> names = new List<string>();
            names.Add("session");
            names.Add("context");
            names.Add("cfg");

            List<object> values = new List<object>();
            values.Add(webSession);
            values.Add(data.Context);
            values.Add(ServiceManager.Get<IAppConfigService>());

            names.AddRange(appTemplateObjects.Keys);
            values.AddRange(appTemplateObjects.Values);

            try
            {
                string rendered = templateEngine.Parse(html, names.ToArray(), values.ToArray());
                data.HtmlResponse.Html = rendered;
            }
            catch (Exception ex)
            {
                // The failure is published to the logger membrane and then dropped, so the
                // response keeps the unrendered template text.
                // NOTE(review): that may expose template source to the client -- confirm intended.
                ServiceManager.Get<ISemanticProcessor>().ProcessInstance<LoggerMembrane, ST_Exception>(logEntry => logEntry.Exception = ex);
            }

            return WorkflowState.Continue;
        }
Beispiel #3
        /// <summary>
        /// Returns the ContextValueDictionary stored in the session under the key "CVD",
        /// creating and storing a new one when the session does not have it yet.
        /// </summary>
        /// <param name="proc">Semantic processor; supplies the service manager.</param>
        /// <param name="context">Request context identifying the session.</param>
        /// <returns>The existing or newly created dictionary.</returns>
        protected ContextValueDictionary CreateOrGetContextValueDictionary(ISemanticProcessor proc, Clifton.WebInterfaces.IContext context)
        {
            IWebSessionService webSession = proc.ServiceManager.Get<IWebSessionService>();
            ContextValueDictionary dictionary;

            if (webSession.TryGetSessionObject(context, "CVD", out dictionary))
            {
                return dictionary;
            }

            // NOTE(review): the lookup and the store are two separate calls; two concurrent requests
            // on one session could each create a dictionary -- confirm whether that matters here.
            dictionary = new ContextValueDictionary();
            webSession.SetSessionObject(context, "CVD", dictionary);

            return dictionary;
        }
        /// <summary>
        /// Applies an account-information update to the UserAccount held in the caller's session,
        /// persists it, queues a confirmation alert and answers with state 'OK'.
        /// </summary>
        /// <param name="proc">Semantic processor; supplies the service manager.</param>
        /// <param name="membrane">Membrane the message arrived on (not used here).</param>
        /// <param name="acctInfo">Update message with the new names, e-mail and optional password.</param>
        public void Process(ISemanticProcessor proc, IMembrane membrane, UpdateAccountInfo acctInfo)
        {
            IWebSessionService webSession = proc.ServiceManager.Get<IWebSessionService>();

            // The account to edit comes from the session, not from the request.
            // NOTE(review): the result is used without a null check -- confirm this handler is only
            // reachable on a route that requires an authenticated session.
            UserAccount account = webSession.GetSessionObject<UserAccount>(acctInfo.Context, "UserAccount");

            // NOTE(review): e-mail and password are changed without re-checking the current password,
            // and nothing visible here verifies the new e-mail is unused -- confirm both are enforced
            // elsewhere. The session copy is also modified before the database update has succeeded.
            account.FirstName = acctInfo.FirstName;
            account.LastName = acctInfo.LastName;
            account.Email = acctInfo.Email;
            webSession.SetSessionObject(acctInfo.Context, "UserName", account.FullName);

            // An empty or missing password means "keep the current one".
            bool passwordSupplied = !String.IsNullOrEmpty(acctInfo.Password);

            if (passwordSupplied)
            {
                account.PasswordHash = PasswordHash.CreateHash(acctInfo.Password);
            }

            IDbContextService database = proc.ServiceManager.Get<IDbContextService>();
            database.Context.Update(account);

            IWebSessionService alertSession = proc.ServiceManager.Get<IWebSessionService>();
            alertSession.SetSessionObject(acctInfo.Context, "OneTimeAlert", "Your account information has been updated.");
            JsonResponse(proc, acctInfo, "{'state': 'OK'}");
        }
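        /// <summary>
        /// Routes an incoming web request. When the verb/path pair is a registered semantic route,
        /// the route's authentication and role requirements are checked, an instance of the route's
        /// semantic type is created and populated from the request body or query string, and the
        /// instance is processed on the web-server membrane. Unregistered requests are published
        /// as an UnhandledContext.
        /// </summary>
        /// <param name="proc">Semantic processor; supplies the service manager and message bus.</param>
        /// <param name="membrane">Membrane the message arrived on (not used here).</param>
        /// <param name="route">Route message carrying the listener context and the raw request body.</param>
        public void Process(ISemanticProcessor proc, IMembrane membrane, Route route)
        {
            const BindingFlags bindFlags = BindingFlags.Public | BindingFlags.Instance | BindingFlags.IgnoreCase;

            IAuthenticatingRouterService routerService = proc.ServiceManager.Get<IAuthenticatingRouterService>();
            HttpListenerContext          context       = route.Context;
            HttpVerb  verb        = context.Verb();
            UriPath   path        = context.Path();
            string    searchRoute = GetSearchRoute(verb, path);
            string    data        = route.Data;
            RouteInfo routeInfo;

            // TODO: Session manager may not exist.  How do we handle services that are missing?
            IWebSessionService session = proc.ServiceManager.Get<IWebSessionService>();

            // Semantic routes can be either public or authenticated.
            if (routerService.Routes.TryGetValue(searchRoute, out routeInfo))
            {
                // A route that is neither AuthenticatedRoute nor RoleRoute is treated as public:
                // both flags keep their initial value of true.
                bool authenticatedRoute = true;
                bool authorizedRoute    = true;

                if (routeInfo.RouteType == RouteType.AuthenticatedRoute)
                {
                    session.UpdateState(context);
                    authenticatedRoute = session.IsAuthenticated(context);
                }

                if (routeInfo.RouteType == RouteType.RoleRoute)
                {
                    session.UpdateState(context);
                    authenticatedRoute = session.IsAuthenticated(context);

                    // User must be authenticated and have the correct role setting.
                    if (authenticatedRoute)
                    {
                        // Any bit shared by the session's role mask and the route's role mask passes.
                        uint mask = session.GetSessionObject<uint>(context, "RoleMask");
                        authorizedRoute = (mask & routeInfo.RoleMask) != 0;
                    }
                }

                if (authenticatedRoute && authorizedRoute)
                {
                    Type          receptorSemanticType = routeInfo.ReceptorSemanticType;
                    SemanticRoute semanticRoute        = (SemanticRoute)Activator.CreateInstance(receptorSemanticType);
                    semanticRoute.PostData = data;

                    // NOTE(review): both the JSON and the key=value paths bind request-supplied names
                    // onto ANY settable public property of the route type (case-insensitively),
                    // inherited ones included. Confirm route classes expose no property that a
                    // client must not be able to set.
                    if (!String.IsNullOrEmpty(data))
                    {
                        // JSON arrives as a string body, e.g.
                        //   $.post("/geeks/createProfile", '{ "profileName": "foobar" }'
                        if (data[0] == '{')
                        {
                            JsonConvert.PopulateObject(data, semanticRoute);
                        }
                        else
                        {
                            // Form-encoded body, e.g. "username=sdfsf&password=sdfsdf&LoginButton=Login",
                            // produced by $.post("/geeks/createProfile", { "profileName": profileName }
                            foreach (string parm in data.Split('&'))
                            {
                                // Split at the FIRST '=' only: a value may itself contain '='
                                // (base64 padding, for instance) and must not be truncated.
                                // A token without '=' carries no value and is skipped; indexing
                                // keyVal[1] on it used to throw IndexOutOfRangeException.
                                int eq = parm.IndexOf('=');

                                if (eq < 0)
                                {
                                    continue;
                                }

                                string       fieldName = parm.Substring(0, eq);
                                string       rawValue  = parm.Substring(eq + 1);
                                PropertyInfo pi        = receptorSemanticType.GetProperty(fieldName, bindFlags);

                                // CanWrite guards against get-only properties, on which SetValue throws.
                                if (pi != null && pi.CanWrite)
                                {
                                    // '+' is replaced before unescaping on purpose: a literal plus
                                    // travels as %2B and is only restored by the unescape step.
                                    object valOfType = Converter.Convert(Uri.UnescapeDataString(rawValue.Replace('+', ' ')), pi.PropertyType);
                                    pi.SetValue(semanticRoute, valOfType);
                                }
                            }
                        }
                    }
                    else if (verb.Value == "GET")
                    {
                        // Parse parameters
                        NameValueCollection nvc = context.Request.QueryString;

                        foreach (string key in nvc.AllKeys)
                        {
                            // A query token with no '=' (e.g. "?flag") is stored under a null key,
                            // which GetProperty would reject with ArgumentNullException.
                            if (key == null)
                            {
                                continue;
                            }

                            PropertyInfo pi = receptorSemanticType.GetProperty(key, bindFlags);

                            if (pi != null && pi.CanWrite)
                            {
                                // HttpListenerRequest.QueryString hands back values that are already
                                // URL-decoded ('+' and %xx included). Decoding them a second time
                                // corrupts literal '+' and '%' characters and is a double-decoding
                                // hazard for any validation done on the first decode.
                                object valOfType = Converter.Convert(nvc[key], pi.PropertyType);
                                pi.SetValue(semanticRoute, valOfType);
                            }
                        }
                    }

                    // Must be done AFTER populating the object -- sometimes the json converter nulls the base class!
                    semanticRoute.Context = context;
                    proc.ProcessInstance<WebServerMembrane>(semanticRoute, true);
                }
                else
                {
                    // Deal with expired or requires authentication.
                    // NOTE(review): a session state other than the three handled below gets no
                    // response from this method -- confirm no such state can reach this point.
                    switch (session.GetState(context))
                    {
                    case SessionState.New:
                        // TODO: Oh man, this is application specific!!!
                        // (A 403 "authenticationRequired" StringResponse for SPA clients was tried
                        // here instead of the redirect.)
                        session.SetSessionObject(context, "OneTimeBadAlert", "Please Sign In");
                        context.Redirect("/account/login");
                        break;

                    case SessionState.Authenticated:
                        // NOTE(review): the caller is authenticated but lacks the role; 403 is the
                        // conventional status for that. Left at 401 because clifton.spa.js consumes
                        // this response -- confirm before changing.
                        proc.ProcessInstance<WebServerMembrane, StringResponse>(r =>
                        {
                            r.Context    = context;
                            r.Message    = "notAuthorized";     // used in clifton.spa.js to handle SPA error responses
                            r.StatusCode = 401;
                        });
                        break;

                    case SessionState.Expired:
                        // (A 401 "sessionExpired" StringResponse for SPA clients was tried here
                        // instead of the redirect.)
                        session.SetSessionObject(context, "OneTimeBadAlert", "Session expired.  Please sign in again.");
                        context.Redirect("/account/login");
                        break;
                    }
                }
            }
            else
            {
                proc.ProcessInstance<LoggerMembrane, ST_Log>(msg => msg.Message = "Using default handler: " + verb.Value + ": " + path.Value);
                // Put the context on the bus for some service to pick up.
                // All unhandled context are assumed to be public routes.
                proc.ProcessInstance<WebServerMembrane, UnhandledContext>(c => c.Context = context);
            }
        }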
Beispiel #6
 /// <summary>
 /// Stores the supplied listener context and session service on the new instance.
 /// </summary>
 /// <param name="context">Listener context assigned to <c>Context</c>.</param>
 /// <param name="sessionService">Session service assigned to <c>SessionService</c>.</param>
 public SessionStateInstance(HttpListenerContext context, IWebSessionService sessionService)
 {
     this.Context = context;
     this.SessionService = sessionService;
 }
 /// <summary>
 /// Stores the supplied listener context and session service on the new instance.
 /// </summary>
 /// <param name="context">Listener context assigned to <c>Context</c>.</param>
 /// <param name="sessionService">Session service assigned to <c>SessionService</c>.</param>
 public SessionStateInstance(HttpListenerContext context, IWebSessionService sessionService)
 {
     this.Context = context;
     this.SessionService = sessionService;
 }
Beispiel #8
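        /// <summary>
        /// Routes an incoming web request. The request is logged to the console; when the verb/path
        /// pair is a registered semantic route, its authentication and role requirements are
        /// checked, an instance of the route's semantic type is created and populated from the
        /// request body or URL, and the instance is processed on the web-server membrane.
        /// Unregistered requests are published as an UnhandledContext.
        /// </summary>
        /// <param name="proc">Semantic processor; supplies the service manager and message bus.</param>
        /// <param name="membrane">Membrane the message arrived on (not used here).</param>
        /// <param name="route">Route message carrying the request context and the raw request body.</param>
        /// <exception cref="RouterException">
        /// The body is multi-part but the route's semantic type does not implement IFileUpload.
        /// </exception>
        public void Process(ISemanticProcessor proc, IMembrane membrane, Route route)
        {
            const BindingFlags bindFlags = BindingFlags.Public | BindingFlags.Instance | BindingFlags.IgnoreCase;

            IAuthenticatingRouterService routerService = proc.ServiceManager.Get<IAuthenticatingRouterService>();
            IContext context = route.Context;
            HttpVerb verb    = context.Verb();
            UriPath  path    = context.Path();

            string    searchRoute = GetSearchRoute(verb, path);
            string    data        = route.Data;
            RouteInfo routeInfo;

            IPAddress addr = context.Request.RemoteEndPoint.Address;
            string    ip   = addr.ToString();

            // Handle localhost format: show the IPv6 loopback as 127.0.0.1 in the log line.
            if (ip == "::1")
            {
                addr = new IPAddress(new byte[] { 127, 0, 0, 1 });
            }

            // NOTE(review): the full request URL, query string included, goes to the console.
            // Query strings can carry credentials or tokens -- confirm this output is not retained
            // anywhere that is less protected than the application itself.
            Console.WriteLine(DateTime.Now.ToString("MM/dd/yyyy HH:mm:ss tt ") + "IP: " + addr.ToString() + "    URL: " + route.Context.Request.Url);

            // TODO: Session manager may not exist.  How do we handle services that are missing?
            IWebSessionService session = proc.ServiceManager.Get<IWebSessionService>();

            // Semantic routes can be either public or authenticated.
            if (routerService.Routes.TryGetValue(searchRoute, out routeInfo))
            {
                // A route that is neither AuthenticatedRoute nor RoleRoute is treated as public:
                // both flags keep their initial value of true.
                bool authenticatedRoute = true;
                bool authorizedRoute    = true;

                if (routeInfo.RouteType == RouteType.AuthenticatedRoute)
                {
                    session.UpdateState(context);
                    authenticatedRoute = session.IsAuthenticated(context);
                }

                if (routeInfo.RouteType == RouteType.RoleRoute)
                {
                    session.UpdateState(context);
                    authenticatedRoute = session.IsAuthenticated(context);

                    // User must be authenticated and have the correct role setting.
                    if (authenticatedRoute)
                    {
                        // Any bit shared by the session's role mask and the route's role mask passes.
                        uint mask = session.GetSessionObject<uint>(context, "RoleMask");
                        authorizedRoute = (mask & routeInfo.RoleMask) != 0;
                    }
                }

                // NOTE(review): authenticatedRoute is also true for public routes, where no
                // authentication check ran, so this refresh happens for those requests as well --
                // confirm that is the intended session-lifetime behaviour.
                if (authenticatedRoute)
                {
                    session.UpdateLastTransaction(context);
                }

                if (authenticatedRoute && authorizedRoute)
                {
                    Type          receptorSemanticType = routeInfo.ReceptorSemanticType;
                    SemanticRoute semanticRoute        = (SemanticRoute)Activator.CreateInstance(receptorSemanticType);
                    semanticRoute.PostData = data;

                    // NOTE(review): the JSON and key=value paths bind request-supplied names onto ANY
                    // settable public property of the route type (case-insensitively), inherited
                    // ones included. Confirm route classes expose no property that a client must
                    // not be able to set.
                    if (!String.IsNullOrEmpty(data))
                    {
                        // JSON arrives as a string body, e.g.
                        //   $.post("/geeks/createProfile", '{ "profileName": "foobar" }'
                        if (data[0] == '{')
                        {
                            JsonConvert.PopulateObject(data, semanticRoute);
                            SetUrlParameters(context.Request.Url.ToString(), semanticRoute, receptorSemanticType);
                        }
                        else if (MultiPartParser.IsMultiPart(data))
                        {
                            // ct is not used further in this method.
                            MultiPartParser.ContentType ct = MultiPartParser.GetContentType(data);
                            string content = MultiPartParser.GetContent(data);

                            if (!(semanticRoute is IFileUpload))
                            {
                                throw new RouterException("Semantic route class must implement IFileUpload");
                            }

                            ((IFileUpload)semanticRoute).Content = content;
                        }
                        else
                        {
                            // Form-encoded body, e.g. "username=sdfsf&password=sdfsdf&LoginButton=Login",
                            // produced by $.post("/geeks/createProfile", { "profileName": profileName }
                            // Use $.post(url, JSON.stringify(data) to convert to JSON
                            foreach (string parm in data.Split('&'))
                            {
                                // Split at the FIRST '=' only: a value may itself contain '='
                                // (base64 padding, for instance) and must not be truncated.
                                // A token without '=' carries no value and is skipped; indexing
                                // keyVal[1] on it used to throw IndexOutOfRangeException.
                                int eq = parm.IndexOf('=');

                                if (eq < 0)
                                {
                                    continue;
                                }

                                string       fieldName = parm.Substring(0, eq);
                                string       rawValue  = parm.Substring(eq + 1);
                                PropertyInfo pi        = receptorSemanticType.GetProperty(fieldName, bindFlags);

                                // CanWrite guards against get-only properties, on which SetValue throws.
                                if (pi != null && pi.CanWrite)
                                {
                                    // '+' is replaced before unescaping on purpose: a literal plus
                                    // travels as %2B and is only restored by the unescape step.
                                    object valOfType = Converter.Convert(Uri.UnescapeDataString(rawValue.Replace('+', ' ')), pi.PropertyType);
                                    pi.SetValue(semanticRoute, valOfType);
                                }
                            }
                        }
                    }
                    else if (verb.Value == "GET")
                    {
                        SetUrlParameters(context.Request.Url.ToString(), semanticRoute, receptorSemanticType);
                    }

                    // Must be done AFTER populating the object -- sometimes the json converter nulls the base class!
                    semanticRoute.Context = context;
                    // TODO: Why are we doing this on the caller thread, except for debugging???
                    proc.ProcessInstance<WebServerMembrane>(semanticRoute, true);
                }
                else
                {
                    // Deal with expired or requires authentication.
                    // NOTE(review): a session state other than the three handled below gets no
                    // response from this method -- confirm no such state can reach this point.
                    switch (session.GetState(context))
                    {
                    case SessionState.New:
                        // TODO: Oh man, this is application specific!!!
                        // (A 403 "authenticationRequired" StringResponse for SPA clients was tried
                        // here instead of the redirect.)
                        session.SetSessionObject(context, "OneTimeBadAlert", "Please Sign In");
                        context.Redirect("/account/login");
                        break;

                    case SessionState.Authenticated:
                        // NOTE(review): the caller is authenticated but lacks the role; 403 is the
                        // conventional status for that. Left at 401 because clifton.spa.js consumes
                        // this response -- confirm before changing.
                        proc.ProcessInstance<WebServerMembrane, StringResponse>(r =>
                        {
                            r.Context    = context;
                            r.Message    = "notAuthorized";     // used in clifton.spa.js to handle SPA error responses
                            r.StatusCode = 401;
                        });
                        break;

                    case SessionState.Expired:
                        // (A 401 "sessionExpired" StringResponse for SPA clients was tried here
                        // instead of the redirect.)
                        session.SetSessionObject(context, "OneTimeBadAlert", "Session expired.  Please sign in again.");
                        context.Redirect("/account/login");
                        break;
                    }
                }
            }
            else
            {
                // Put the context on the bus for some service to pick up.
                // All unhandled context are assumed to be public routes.
                proc.ProcessInstance<WebServerMembrane, UnhandledContext>(c => c.Context = context);
            }
        }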
Beispiel #9
 /// <summary>
 /// Stores the supplied request context and session service on the new instance.
 /// </summary>
 /// <param name="context">Request context assigned to <c>Context</c>.</param>
 /// <param name="sessionService">Session service assigned to <c>SessionService</c>.</param>
 public SessionStateInstance(IContext context, IWebSessionService sessionService)
 {
     this.Context = context;
     this.SessionService = sessionService;
 }