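/// <summary>
/// Handles an RPC POST: builds the caller identity from the session cookie,
/// User-Agent header and remote address, forwards the request to
/// <c>rpcRepository.ExecAsync</c>, then synchronises the session cookie with
/// the session key carried by the response container.
/// </summary>
/// <param name="request">RPC request bound from the request body.</param>
/// <returns>
/// 400 with the model state when binding/validation failed; otherwise 200 with
/// the RPC response (RPC-level errors travel inside that response object).
/// </returns>
public async Task<IActionResult> Post([FromBody] RpcRequest request)
{
    // NOTE(review): the transport check below is disabled (original marker:
    // "https azure"), so this action itself does not reject plain-HTTP requests.
    // Confirm HTTPS is enforced elsewhere (hosting front end / redirection),
    // because the session key travels in a cookie.
    //
    // if (!HttpContext.Request.IsHttps)
    // {
    //     logger.LogInformation(@"POST Bad request (only SSL)");
    //     return BadRequest("Only SSL");
    // }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // Read the session key from the request cookies; empty when the cookie is absent.
    string sessionKey = HttpContext.Request.Cookies.TryGetValue(SessionKeyCookie, out var cookieValue)
        ? cookieValue ?? string.Empty
        : string.Empty;

    // User-Agent is a client-supplied header: usable as a session attribute,
    // never as proof of identity.
    string userAgent = Request.Headers["User-Agent"].ToString();

    // RemoteIpAddress can be null (the original dereferenced it unconditionally).
    // NOTE(review): behind a reverse proxy this is presumably the proxy's
    // address unless forwarded headers are processed - confirm.
    string ipAddress = HttpContext.Connection.RemoteIpAddress?.ToString() ?? string.Empty;

    var requestContainer = new RpcRequestContainer
    {
        RpcRequest = request,
        Identity = new Identity(sessionKey, userAgent, ipAddress)
    };

    // Declared outside the try block so that it is in scope for the cookie
    // handling below; the original declared it inside both the try and the
    // catch block and used "catch (error)", which does not compile.
    RpcResponseContainer responseContainer;
    try
    {
        responseContainer = await rpcRepository.ExecAsync(requestContainer);
    }
    catch (Exception)
    {
        // NOTE(review): the exception is discarded here and no logger is
        // visibly in scope; record it server-side so failures can be
        // investigated. The fallback carries no SessionKey, so the branch
        // below deletes the client's session cookie on this path.
        responseContainer = new RpcResponseContainer
        {
            RpcResponse = new RpcResponse { Error = new RpcError() }
        };
    }

    // Synchronise the session cookie with the key returned by the repository.
    if (string.IsNullOrEmpty(responseContainer.SessionKey))
    {
        // No session key in the response: remove the cookie.
        HttpContext.Response.Cookies.Delete(SessionKeyCookie);
    }
    else if (!string.Equals(responseContainer.SessionKey, sessionKey, StringComparison.Ordinal))
    {
        // The session key changed: issue the new one.
        HttpContext.Response.Cookies.Append(
            SessionKeyCookie,
            responseContainer.SessionKey,
            new CookieOptions
            {
                HttpOnly = true,
                // Mark the cookie Secure whenever the request itself arrived
                // over HTTPS; plain-HTTP behaviour is unchanged.
                Secure = HttpContext.Request.IsHttps,
                // NOTE(review): with no ExpirationDate the cookie effectively
                // never expires client-side; confirm the server bounds session
                // lifetime. SameSite is left at the framework default.
                Expires = responseContainer.ExpirationDate ?? DateTime.MaxValue
            });
        // Earlier variant kept by the author:
        // new CookieOptions { Domain = HttpContext.Request.Host.Host, /*SameSite = SameSiteMode.None,*/ HttpOnly = true, Expires = DateTime.MaxValue});
    }

    return Ok(responseContainer.RpcResponse);
}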
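/// <summary>
/// Executes the stored procedure named by <c>RpcRequest.Method</c>, passing the
/// members of <c>RpcRequest.Params</c> as named parameters, and returns the
/// result (or an <c>RpcError</c>) in a response container that echoes the
/// request ID.
/// </summary>
/// <param name="requestContainer">
/// The RPC request plus the caller identity. The identity is not used while
/// the Auth.Startup step below remains commented out.
/// </param>
/// <returns>
/// A container whose <c>RpcResponse</c> holds either <c>Result</c> or
/// <c>Error</c>. When <c>Method</c> is null no procedure is executed.
/// </returns>
/// <remarks>
/// NOTE(review): with the Auth.Startup step disabled, nothing in this method
/// validates the session before the request-named procedure runs, and
/// <c>SessionKey</c> is never assigned on the response. <c>Method</c> and the
/// parameter names and values are request-supplied; CommandType.StoredProcedure
/// does not limit which procedure is invoked. Consider checking <c>Method</c>
/// against an explicit allow-list and connecting as a database principal that
/// can execute only the intended procedures.
/// </remarks>
public async Task<RpcResponseContainer> ExecAsync(RpcRequestContainer requestContainer)
{
    RpcResponseContainer responseContainer = new RpcResponseContainer();
    responseContainer.RpcResponse.ID = requestContainer.RpcRequest.ID;

    using (SqlConnection conn = new SqlConnection(connectionString))
    // startup: command for the (currently disabled) authorization step
    using (SqlCommand cmdAuth = new SqlCommand(@"Auth.Startup", conn))
    // Created only when a procedure name was supplied.
    using (SqlCommand cmdQuery = requestContainer.RpcRequest.Method != null ? new SqlCommand(requestContainer.RpcRequest.Method, conn) : null)
    {
        // startup (disabled):
        // cmdAuth.CommandType = CommandType.StoredProcedure;
        //
        // cmdAuth.Parameters.AddRange(new SqlParameter[] {
        //     new SqlParameter() {ParameterName = @"UserAgent", Direction = ParameterDirection.Input, SqlDbType = SqlDbType.NVarChar, Size = 512, Value = requestContainer.Identity.UserAgent },
        //     new SqlParameter() {ParameterName = @"IPAddress", Direction = ParameterDirection.Input, SqlDbType = SqlDbType.NVarChar, Size = 512, Value = requestContainer.Identity.IPAddress},
        //     new SqlParameter() {ParameterName = @"SessionKey", Direction = ParameterDirection.InputOutput, SqlDbType = SqlDbType.NVarChar, Size = 512, Value = requestContainer.Identity.SessionKey },
        //     new SqlParameter() {ParameterName = @"Message", Direction = ParameterDirection.Output, SqlDbType = SqlDbType.NVarChar, Size = 512 },
        //     //new SqlParameter() {ParameterName = @"ExpirationDate", Direction = ParameterDirection.Output, SqlDbType = SqlDbType.DateTime2 },
        // });

        if (cmdQuery != null)
        {
            cmdQuery.CommandType = CommandType.StoredProcedure;

            if (requestContainer.RpcRequest.Params != null)
            {
                var prms = requestContainer.RpcRequest.Params as IDictionary<string, object>;
                if (prms == null)
                {
                    // Params is present but is not an object of named members.
                    // The original dereferenced the failed cast and threw a
                    // NullReferenceException outside the try block below.
                    responseContainer.RpcResponse.Error = new RpcError(400, "Params must be an object with named members.");
                    return responseContainer;
                }

                foreach (var pair in prms)
                {
                    // Nested objects are passed to the procedure as JSON text;
                    // every other value is handed to the provider unchanged.
                    object value = pair.Value is ExpandoObject
                        ? JsonConvert.SerializeObject(pair.Value)
                        : pair.Value;

                    cmdQuery.Parameters.Add(new SqlParameter()
                    {
                        ParameterName = pair.Key,
                        Value = value,
                    });
                }
            }
        }

        try
        {
            await conn.OpenAsync();
            //cmd.Prepare();

            // startup (disabled):
            // await cmdAuth.ExecuteNonQueryAsync();
            // responseContainer.SessionKey = cmdAuth.Parameters[@"SessionKey"].Value.ToString();
            ////var expiarationDate = cmdAuth.Parameters[@"ExpirationDate"].Value;
            ////responseContainer.ExpirationDate = expiarationDate == DBNull.Value ? null : (DateTime?)expiarationDate;
            // startup (disabled):
            // var message = cmdAuth.Parameters[@"Message"].Value.ToString();
            // if (!string.IsNullOrEmpty(message)) // a message means authorization failed - return the error
            // {
            //     responseContainer.RpcResponse.Error = new RpcError(401, message);
            //     return responseContainer;
            // }

            if (cmdQuery != null)
            {
                using (var datareader = await cmdQuery.ExecuteJsonReaderAsync())
                {
                    responseContainer.RpcResponse.Result = datareader.ReadAll();
                }
            }
        }
        catch (Exception ex)
        {
            // Strip the batch-rollback suffix from the error text.
            // NOTE(review): the remaining exception message is returned to the
            // caller verbatim; for failures other than errors deliberately
            // raised by a procedure this can disclose server or database
            // details. Consider logging the detail server-side and returning
            // a generic message in those cases.
            var message = ex.Message.Replace("\nThe transaction ended in the trigger. The batch has been aborted.", @"");
            responseContainer.RpcResponse.Error = new RpcError(500, message);
        }
        // No explicit conn.Close(): the enclosing using statement disposes
        // (and thereby closes) the connection on every exit path.
    }

    return responseContainer;
}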