public override bool PostProcess(BadrRequest request, BadrResponse response, out string errorMessage)
{
CookiesSettings cookiesSettings = SiteManager.Settings.Cookies;
errorMessage = null;
if ((!cookiesSettings.SessionSecure || request.IsSecure)
&& response.Status.IsSuccess() && request.Session != null && request.Session.SendCookie)
{
HttpCookieFragment sessionFragment = new HttpCookieFragment(
name: CookieNames.SESSION_ID,
value: request.Session.ID,
path: "/",
domain: request.DomainUri.Host);
if(cookiesSettings != null)
{
if(!SiteManager.Settings.Cookies.SessionExpireAtBrowserClose)
sessionFragment[HttpCookieFragment.ATTR_MAX_AGE] = cookiesSettings.SessionAge.ToString();
sessionFragment.IsSecure = cookiesSettings.SessionSecure;
sessionFragment.IsHttpOnly = cookiesSettings.SessionHttpOnly;
}
response.Cookies[CookieNames.SESSION_ID] = sessionFragment;
}
return true;
}
public HttpResponse Handle(BadrRequest request)
{
string exceptionMessage = null;
string errorMessage;
BadrResponse response = null;
try
{
if (request == null)
throw new Exception ("Request is not a BadrRequest");
if (!request.ValidMethod)
return BadrResponse.Create (request, HttpResponseStatus._405);
if (ValidateHost (request.Headers [HttpRequestHeaders.Host]))
{
MiddlewareProcessStatus middlewarePreProcessStatus = SiteManager.Middlewares.PreProcess (request, out errorMessage);
if ((middlewarePreProcessStatus & MiddlewareProcessStatus.Stop) == MiddlewareProcessStatus.Stop)
exceptionMessage = string.Format ("Request pre-processing error: {0}", errorMessage);
else
{
ViewUrl viewUrl = SiteManager.Urls.GetViewUrl (request.Resource);
if (viewUrl != null)
{
request.ViewUrl = viewUrl;
response = viewUrl.View (request, viewUrl.GetArgs (request.Resource));
} else
exceptionMessage = string.Format ("Unknown resource url: {0}", request.Resource);
if (response != null)
if (!SiteManager.Middlewares.PostProcess (request, response, out errorMessage))
exceptionMessage = string.Format ("Request post-processing error: {0}", errorMessage);
}
} else
throw new Exception (string.Format ("Unknown host '{0}'", request.Headers [HttpRequestHeaders.Host]));
if (exceptionMessage != null)
{
if (SiteManager.Settings.Debug)
throw new Exception (exceptionMessage);
else
{
_Logger.Error (exceptionMessage);
return BadrResponse.Create (request, HttpResponseStatus._404);
}
} else
return response;
} catch (Exception ex)
{
_Logger.Error (ex.Message, ex);
if (SiteManager.Settings.Debug)
return BadrResponse.CreateDebugResponse (request, ex);
else
return BadrResponse.Create (request, HttpResponseStatus._404);
}
}
public static BadrResponse ModelView(BadrRequest request, UrlArgs args)
{
dynamic model = Model.Manager(args[1]).Get(int.Parse(args["model_id"]));
dynamic tc = new TemplateContext();
tc.modelName = args[1];
tc.model = model;
return BadrResponse.Create(request, tc);
}
public static BadrResponse ModelListView(BadrRequest request, UrlArgs args)
{
string modelName = args[1];
string pageNum = args["page_num"];
dynamic modelsPage = Model.Manager(modelName).Page(pageNum != null ? int.Parse(pageNum) : 1, 20);
dynamic tc = new TemplateContext ();
tc.modelName = modelName;
tc.modelsPage = modelsPage;
return BadrResponse.Create (request, tc);
}
public bool PostProcess(BadrRequest wRequest, BadrResponse wResponse, out string errorMessage)
{
bool result = true;
errorMessage = null;
foreach (MiddlewareBase middleware in _middlewares)
{
result = middleware.PostProcess(wRequest, wResponse, out errorMessage);
if (!result || !wResponse.Status.IsSuccess())
return result;
}
return result;
}
public override MiddlewareProcessStatus PreProcess(BadrRequest request, out string errorMessage)
{
if (!HttpRequest.IsSafeMethod(request.Method))
{
if (!request.POST.Contains(CSRF_INPUT_NAME)
|| request.CsrfToken != request.POST[CSRF_INPUT_NAME].ToString())
{
errorMessage = "POST request does not contain valid csrf token";
_Logger.Error(errorMessage);
return MiddlewareProcessStatus.ErrorStop;// WResponseStatus._403;
}
}
errorMessage = null;
return MiddlewareProcessStatus.Continue;
}
public MiddlewareProcessStatus PreProcess(BadrRequest wRequest, out string errorMessage)
{
errorMessage = null;
if (wRequest == null)
{
errorMessage = "Request is null";
return MiddlewareProcessStatus.ErrorStop;//._501;
}
foreach (MiddlewareBase middleware in _middlewares)
{
MiddlewareProcessStatus mps = middleware.PreProcess(wRequest, out errorMessage);
if ((mps & MiddlewareProcessStatus.Stop) == MiddlewareProcessStatus.Stop)
return mps;
}
return MiddlewareProcessStatus.Continue;
}
public override bool PostProcess(BadrRequest request, BadrResponse response, out string errorMessage)
{
errorMessage = null;
if ((!SiteManager.Settings.Cookies.CsrfSecure || request.IsSecure)
&& response.Status.IsSuccess() && IsValidCsrf(request))
{
HttpCookieFragment csrfFragment = new HttpCookieFragment(
name: CookieNames.CSRF_TOKEN,
value: request.CsrfToken,
path: "/",
domain: request.DomainUri.Host);
if(SiteManager.Settings.Cookies != null)
{
csrfFragment.IsSecure = SiteManager.Settings.Cookies.CsrfSecure;
}
response.Cookies[CookieNames.CSRF_TOKEN] = csrfFragment;
}
return true;
}
public static BadrResponse ServeStaticFiles(BadrRequest request, UrlArgs args = null)
{
string resourcePath = null;
if (args != null && (resourcePath = args[STATIC_RESOURCE_GROUP_NAME]) != null)
{
bool reloadFile = true;
bool conditionalGet = request.Headers[HttpRequestHeaders.IfModifiedSince] != null;
DateTime resourceLastModificationDate = StaticFilesManager.GetLastModificationTimeUtc(resourcePath);
DateTime clientLastModificationDate;
if(conditionalGet)
{
if(DateTime.TryParse(request.Headers[Badr.Net.Http.Request.HttpRequestHeaders.IfModifiedSince], out clientLastModificationDate))
{
reloadFile = resourceLastModificationDate.CompareTo(clientLastModificationDate) > 0;
}
}
BadrResponse response;
if (reloadFile){
response = new StaticResponse(request, MimeMapping.GetMimeMapping(resourcePath))
{
Status = HttpResponseStatus._200,
BodyBytes = StaticFilesManager.GetFileBytes(resourcePath)
};
}
else {
response = new BadrResponse(request) { Status = HttpResponseStatus._304 };
}
response.Headers.Add(HttpResponseHeaders.LastModified, resourceLastModificationDate.ToString("r"));
return response;
}
return null;
}
public RenderContext(BadrRequest badrRequest)
{
BadrRequest = badrRequest;
_renderedTemplate = new StringBuilder();
}
private bool IsValidCsrf(BadrRequest request)
{
return !(string.IsNullOrEmpty(request.CsrfToken) || request.CsrfToken.Trim() == "");
}
public override bool ResolveSpecialTag(BadrRequest request, string spetagName, out string result)
{
if (request != null && spetagName == CSRF_SPE_TAG_NAME)
{
if (!IsValidCsrf(request))
request.CsrfToken = Security.GenerateId(24);
result = string.Format("<input type=\"hidden\" name=\"{0}\" value=\"{1}\"/>", CSRF_INPUT_NAME, request.CsrfToken);
return true;
}
return base.ResolveSpecialTag(request, spetagName, out result);
}
public override MiddlewareProcessStatus PreProcess(BadrRequest request, out string errorMessage)
{
string sessionId = request.Cookies[CookieNames.SESSION_ID].Value;
bool sessionReceived = !string.IsNullOrWhiteSpace(sessionId);
if (!sessionReceived)
sessionId = Security.GenerateId(24);
request.Session = new BadrSession(sessionId) { SendCookie = !sessionReceived };
errorMessage = null;
return MiddlewareProcessStatus.Continue;
}
private BadrResponse View1(BadrRequest request, UrlArgs args)
{
return null;
}
private BadrResponse EmptyView(BadrRequest request, UrlArgs args)
{
return null;
}
public override bool ResolveSpecialTag(BadrRequest request, string spetagName, out string result)
{
if (request != null && spetagName == SESSION_SPE_TAG_NAME)
{
result = request.Session.ID;
return true;
}
return base.ResolveSpecialTag(request, spetagName, out result);
}
public string ResolveSpecialTag(BadrRequest wRequest, string spetagName)
{
string result = "";
foreach (MiddlewareBase middleware in _middlewares)
{
if (middleware.ResolveSpecialTag(wRequest, spetagName, out result))
return result;
}
return result;
}
public StaticResponse(BadrRequest request, string contenttype = DEFAULT_CONTENT_TYPE, string charset = DEFAULT_CHARSET)
: base(request, contenttype, charset)
{
}
public string Render(BadrRequest request, TemplateContext context)
{
if (ContainsErrors)
throw new TemplateException(string.Join(Environment.NewLine, Errors.Select(te => te.Message)), this);
if (_isStaticTemplate)
return TemplateContent;
else
return new RenderContext(request).Render(_scope0, context);
}
public virtual bool ResolveSpecialTag(BadrRequest request, string spetagName, out string result)
{
result = "";
return false;
}
public abstract MiddlewareProcessStatus PreProcess(BadrRequest request, out string errorMessage);
public abstract bool PostProcess(BadrRequest request, BadrResponse response, out string errorMessage);
