Exemple #1
0
        public static void SendErrorPage(HttpListenerResponse response, string message, bool isError, HttpStatusCode status)
        {
            int    statusCode = -1;
            string html       = Encoding.UTF8.GetString(WebsiteRequestProcessor.OnRequest("/errorPage.html", out string contentType, ref statusCode));

            response.StatusCode  = (int)status;
            response.ContentType = "text/html";
            html = Utils.FormatString(html, message, isError ? "" : "display: none;", isError ? "display: none;" : "");

            HttpStream stream = new HttpStream(response);

            stream.Send(html);
            stream.Close();
        }
Exemple #2
0
        static void processRequest(HttpListenerContext context)
        {
            HttpListenerRequest request = context.Request;

            string sessionID = GetCookie(request, "SessionID");

            string clientIP = context.Request.RemoteEndPoint.Address.ToString();

            Authentication authentication;

            if (SessionsManager.Instance.VerifyKey(sessionID, out Session session))
            {
                authentication = new Authentication(session.AuthenticationLevel, session.OwnerUserID, sessionID, clientIP);
            }
            else
            {
                authentication = new Authentication(AuthenticationLevel.None, "", "", clientIP);
            }

            string operation = request.QueryString.Get("operation");

            string absolutePath = request.Url.AbsolutePath;

            if (absolutePath == "/api/" || absolutePath == "/api")
            {
                if (operation != null && Operations.TryGetValue(operation, out OperationBase selectedOperation))
                {
                    try
                    {
                        Stopwatch stopwatch = new Stopwatch();
                        stopwatch.Start();

                        bool isAllowedToCall = authentication.HasAtLeastAuthenticationLevel(selectedOperation.MinimumAuthenticationLevelToCall);

                        if (authentication.IsBanned)
                        {
                            if (selectedOperation.AllowedForBannedUsers == OperationBase.BannedUserCallability.Never)
                            {
                                isAllowedToCall = false;
                            }

                            if (selectedOperation.AllowedForBannedUsers == OperationBase.BannedUserCallability.Default)
                            {
                                if (selectedOperation.MinimumAuthenticationLevelToCall != AuthenticationLevel.None)
                                {
                                    isAllowedToCall = false;
                                }
                            }
                        }

                        if (isAllowedToCall)
                        {
                            selectedOperation.OnOperation(context, authentication);
                        }
                        else
                        {
                            byte[] data = selectedOperation.OnUnauthorized(authentication, out string contentType);

                            context.Response.ContentType      = contentType;
                            context.Response.StatusCode       = (int)HttpStatusCode.Unauthorized;
                            context.Response.ContentLength64 += data.Length;
                            context.Response.OutputStream.Write(data, 0, data.Length);
                            context.Response.Close();
                        }

                        stopwatch.Stop();
                    }
                    catch (Exception e)
                    {
                        try
                        {
                            byte[] data = selectedOperation.GetResponseForError(e, out string contentType);

                            context.Response.ContentType      = contentType;
                            context.Response.StatusCode       = (int)HttpStatusCode.InternalServerError;
                            context.Response.ContentLength64 += data.Length;
                            context.Response.OutputStream.Write(data, 0, data.Length);
                            context.Response.Close();
                        }
                        catch
                        {
                            // At this point just forget it and move on
                            context.Response.Abort();
                            return;
                        }
                    }
                }
                else
                {
                    if (operation == null)
                    {
                        operation = "null";
                    }

                    Utils.SendErrorPage(context.Response, "invalid operation \"" + operation + "\"", true, HttpStatusCode.BadRequest);
                }
            }
            else
            {
                try
                {
                    WebsiteRequestProcessor.OnRequest(context);
                }
                catch (Exception e)
                {
#if DEBUG
                    //OutputConsole.WriteLine("\n" + e.ToString());
#endif
                }
            }
        }