private static void OnPreRequest(object sender, EventArgs e)
{
var app = (HttpApplication)sender;
var context = app.Context;
if (context.CurrentHandler == null)
{
return;
}
var tokenCookie = context.Request.Cookies[TokenParamName];
var token = tokenCookie?.Value;
string login = null;
if (token != null)
{
login = Token.TryDeserialize(token, Settings.HmacKey);
context.Items.Add(LoginParamName, login);
}
if (token == null && !(context.CurrentHandler is Login || context.CurrentHandler is Register || context.CurrentHandler is Scores || context.CurrentHandler is BaseHandler))
{
context.Response.Redirect("/login", true);
}
Log.InfoFormat("{0,-4} '{1}', form '{2}', ua '{3}'", context.Request.HttpMethod.SafeToLog(), context.Request.Unvalidated.RawUrl.SafeToLog(), context.Request.Unvalidated.Form.ToString().SafeToLog(), context.Request.UserAgent.SafeToLog());
if (context.CurrentHandler is System.Web.UI.Page)
{
AntiFlood.CheckFlood($"{context.Request.CurrentExecutionFilePath}:{login ?? context.Request.UserHostAddress}", login != null ? 10 : 50);
}
}
protected override AjaxResult ProcessRequestInternal(HttpContext context)
{
var login = AuthModule.GetAuthLogin();
AntiFlood.CheckFlood($"{context.Request.CurrentExecutionFilePath}:{login}");
var flags = DbStorage.FindFlags(login);
if (ElCapitan.GameEnded(flags))
{
throw new HttpException(403, "The End");
}
var user = DbStorage.FindUserByLogin(login);
if (user == null)
{
throw new HttpException(403, "Access denied");
}
if (user.EndTime != DateTime.MinValue && user.EndTime < DateTime.UtcNow)
{
throw new HttpException(403, "The End");
}
var question = context.Request.Form["question"].TrimToNull();
if (question == null)
{
throw new HttpException(400, "Message is empty");
}
if (question.Length > Settings.MaxMsgLength)
{
throw new HttpException(400, "Message too large");
}
Flag flag;
File[] files;
DateTime timer;
var answer = ElCapitan.GetAnswer(question, flags, out flag, out files, out timer);
var msg = new Msg {
Text = answer, Time = DateTime.UtcNow, Type = MsgType.Answer
};
DbStorage.AddDialog(login, new Msg {
Text = question, Time = DateTime.UtcNow, Type = MsgType.Question
}, new[] { msg }, flag, files);
return(new AjaxResult {
Messages = new[] { msg }, Files = files, Score = flag != null ? 1 : 0, Timer = timer == DateTime.MinValue ? DateTime.MinValue : (user.EndTime != DateTime.MinValue ? user.EndTime : timer)
});
}
private string QueryPublic(string a_sMethod, string props = null)
{
string address = string.Format("{0}/{1}/public/{2}", this.BaseURL, this.Version, a_sMethod);
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(address);
webRequest.ContentType = "application/x-www-form-urlencoded";
webRequest.Method = "POST";
AntiFlood.Synchronize();
if (props != null)
{
using (var writer = new StreamWriter(webRequest.GetRequestStream()))
{
writer.Write(props);
}
}
//Make the request
try
{
using (WebResponse webResponse = webRequest.GetResponse())
{
using (Stream str = webResponse.GetResponseStream())
{
using (StreamReader sr = new StreamReader(str))
{
return(Streams.ToString(sr));
}
}
}
}
catch (WebException wex)
{
using (HttpWebResponse response = (HttpWebResponse)wex.Response)
{
using (Stream str = response.GetResponseStream())
{
using (StreamReader sr = new StreamReader(str))
{
if (response.StatusCode != HttpStatusCode.InternalServerError)
{
throw;
}
return(Streams.ToString(sr));
}
}
}
}
}
public void InitializeCommandHandler()
{
sSendMessage = new SendMessage(_servername);
sIgnoreChannel = new IgnoreChannel(_servername);
sSender = new Sender(_servername);
sMyNickInfo = new MyNickInfo(_servername);
sIgnoreAddon = new IgnoreAddon(_servername);
sIgnoreCommand = new IgnoreCommand(_servername);
sIgnoreNickName = new IgnoreNickName(_servername);
sIgnoreIrcCommand = new IgnoreIrcCommand(_servername);
sMyChannelInfo = new MyChannelInfo(_servername);
sIrcLog = new IrcLog(_servername);
sAntiFlood = new AntiFlood(_servername);
sCtcpSender = new CtcpSender(_servername);
sChannelList = new ChannelList(_servername);
}
protected override AjaxResult ProcessRequestInternal(HttpContext context)
{
var login = AuthModule.GetAuthLogin();
AntiFlood.CheckFlood($"{context.Request.CurrentExecutionFilePath}:{login}");
/*if(DateTime.UtcNow > Settings.BombTimerEnd)
* throw new HttpException(403, "Connection lost...");*/
var user = DbStorage.FindUserByLogin(login);
if (user == null)
{
throw new HttpException(403, "Access denied");
}
var revision = DbStorage.FindBroadcast(login);
var flags = DbStorage.FindFlags(login);
var timer = ElCapitan.HasBombTimer(flags) ? (user.EndTime != DateTime.MinValue ? user.EndTime : Settings.BombTimerEnd) : DateTime.MinValue;
var answers = ElCapitan.GetBroadcastMsgs(ref revision);
if (answers.Length == 0)
{
return new AjaxResult {
Messages = null, Files = null, Score = 0, Timer = timer
}
}
;
var msgs = answers.Select(msg => new Msg {
Text = msg, Time = DateTime.UtcNow, Type = MsgType.Answer
}).ToArray();
DbStorage.AddDialog(login, null, msgs, null, null, revision);
return(new AjaxResult {
Messages = msgs, Files = null, Score = 0, Timer = timer
});
}
}
public ChannelList(string ServerName) : base(ServerName)
{
_servername = ServerName;
sAntiFlood = sIrcBase.Networks[ServerName].sAntiFlood;
sSendMessage = sIrcBase.Networks[ServerName].sSendMessage;
}
protected override AjaxResult ProcessRequestInternal(HttpContext context)
{
AntiFlood.CheckFlood($"{context.Request.CurrentExecutionFilePath}:{context.Request.UserHostAddress}", 50);
User user;
if (context.Request.QueryString["signup"] != null)
{
throw new HttpException(403, "Registration is disabled");
var login = context.Request.Form["login"].TrimToNull();
if (login == null)
{
throw new HttpException(400, "Login is empty");
}
if (login.Length < 4)
{
throw new HttpException(400, "Login too short");
}
if (login.Length > Settings.MaxLoginLength)
{
throw new HttpException(400, "Login too long");
}
try
{
user = new User {
Login = login, Pass = RandomPass(), Avatar = RandomAvatar()
};
DbStorage.AddUser(user);
}
catch (Exception)
{
throw new HttpException(400, "User already exists? Try another login");
}
}
else
{
var pass = context.Request.Form["pass"].TrimToNull();
if (pass == null)
{
throw new HttpException(403, "Access denied");
}
user = DbStorage.FindUserByPass(pass);
if (user == null)
{
throw new HttpException(403, "Access denied");
}
var utcNow = DateTime.UtcNow;
if (user.StartTime > utcNow)
{
throw new HttpException(403, $"Start at '{user.StartTime.ToReadable()}'");
}
if (user.EndTime != DateTime.MinValue && user.EndTime < utcNow)
{
throw new HttpException(403, "The End");
}
}
AuthModule.SetAuthLoginCookie(user.Login.Trim());
return(new AjaxResult {
Text = user.Pass
});
}
private string QueryPrivate(string a_sMethod, string props = null)
{
if (props.IsNullOrWhiteSpace())
{
props = null;
}
// generate a 64 bit nonce using a timestamp at tick resolution
Int64 nonce = DateTime.Now.Ticks;
props = "nonce=" + nonce + props;
string path = string.Format("/{0}/private/{1}", this.Version, a_sMethod);
string address = this.BaseURL + path;
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(address);
webRequest.ContentType = "application/x-www-form-urlencoded";
webRequest.Method = "POST";
webRequest.Headers.Add("API-Key", this.APIKey);
byte[] base64DecodedSecred = System.Convert.FromBase64String(this.PrivateKey);
var np = nonce + System.Convert.ToChar(0) + props;
var pathBytes = Encoding.UTF8.GetBytes(path);
var hash256Bytes = sha256_hash(np);
var z = new byte[pathBytes.Count() + hash256Bytes.Count()];
pathBytes.CopyTo(z, 0);
hash256Bytes.CopyTo(z, pathBytes.Count());
var signature = getHash(base64DecodedSecred, z);
webRequest.Headers.Add("API-Sign", System.Convert.ToBase64String(signature));
if (props != null)
{
using (var writer = new StreamWriter(webRequest.GetRequestStream()))
{
writer.Write(props);
}
}
AntiFlood.Synchronize();
//Make the request
try
{
using (WebResponse webResponse = webRequest.GetResponse())
{
using (Stream str = webResponse.GetResponseStream())
{
using (StreamReader sr = new StreamReader(str))
{
return(Streams.ToString(sr));
}
}
}
}
catch (WebException wex)
{
using (HttpWebResponse response = (HttpWebResponse)wex.Response)
{
using (Stream str = response.GetResponseStream())
{
using (StreamReader sr = new StreamReader(str))
{
if (response.StatusCode != HttpStatusCode.InternalServerError)
{
throw;
}
return(Streams.ToString(sr));
}
}
}
}
}
