/// <summary>
/// Invokes the logic of the middleware.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <returns>A <see cref="Task"/> that completes when the middleware has completed processing.</returns>
public async Task Invoke(HttpContext context)
{
var isNewSessionKey = false;
Func <bool> tryEstablishSession = ReturnTrue;
var cookieValue = context.Request.Cookies[_options.Cookie.Name];
var sessionKey = CookieProtection.Unprotect(_dataProtector, cookieValue, _logger);
if (string.IsNullOrWhiteSpace(sessionKey) || sessionKey.Length != SessionKeyLength)
{
// No valid cookie, new session.
var guidBytes = new byte[16];
RandomNumberGenerator.Fill(guidBytes);
sessionKey = new Guid(guidBytes).ToString();
cookieValue = CookieProtection.Protect(_dataProtector, sessionKey);
var establisher = new SessionEstablisher(context, cookieValue, _options);
tryEstablishSession = establisher.TryEstablishSession;
isNewSessionKey = true;
}
var feature = new SessionFeature();
feature.Session = _sessionStore.Create(sessionKey, _options.IdleTimeout, _options.IOTimeout, tryEstablishSession, isNewSessionKey);
context.Features.Set <ISessionFeature>(feature);
try
{
await _next(context);
}
finally
{
context.Features.Set <ISessionFeature>(null);
if (feature.Session != null)
{
try
{
await feature.Session.CommitAsync();
}
catch (OperationCanceledException)
{
_logger.SessionCommitCanceled();
}
catch (Exception ex)
{
_logger.ErrorClosingTheSession(ex);
}
}
}
}
/// <summary>
/// Invokes the logic of the middleware.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <returns>A <see cref="Task"/> that completes when the middleware has completed processing.</returns>
public async Task Invoke(HttpContext context)
{
var isNewSessionKey = false;
Func <bool> tryEstablishSession = ReturnTrue;
//var cookieValue = context.Request.Cookies[_options.Cookie.Name]; //old code
//var sessionKey = CookieProtection.Unprotect(_dataProtector, cookieValue, _logger); //old code
var sessionInfo = this.getSessionKeyInfo(context);
var sessionKey = sessionInfo.Item1;
if (sessionInfo.Item2) //string.IsNullOrWhiteSpace(sessionKey) || sessionKey.Length != SessionKeyLength)
{
var establisher = new SessionEstablisher(context, sessionKey, _options); // cookieValue, _options);
tryEstablishSession = establisher.TryEstablishSession;
isNewSessionKey = true;
}
var feature = new SessionFeature();
feature.Session = _sessionStore.Create(sessionKey, _options.IdleTimeout, _options.IOTimeout, tryEstablishSession, isNewSessionKey);
context.Features.Set <ISessionFeature>(feature);
try
{
await _next(context);
}
finally
{
context.Features.Set <ISessionFeature>(null);
if (feature.Session != null)
{
try
{
await feature.Session.CommitAsync(context.RequestAborted);
}
catch (OperationCanceledException)
{
_logger.SessionCommitCanceled();
}
catch (Exception ex)
{
_logger.ErrorClosingTheSession(ex);
}
}
}
}
/// <summary>
/// Invokes the logic of the middleware.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <returns>A <see cref="Task"/> that completes when the middleware has completed processing.</returns>
public async Task Invoke(HttpContext context)
{
var isNewSessionKey = false;
Func <bool> tryEstablishSession = ReturnTrue;
var cookieValue = context.Request.Headers[_options.Cookie.Name];
var sessionKey = CookieProtection.Unprotect(_dataProtector, cookieValue, _logger);
if (string.IsNullOrWhiteSpace(sessionKey) || sessionKey.Length != SessionKeyLength)
{
// No valid cookie, new session.
var guidBytes = new byte[16];
CryptoRandom.GetBytes(guidBytes);
sessionKey = new Guid(guidBytes).ToString();
cookieValue = CookieProtection.Protect(_dataProtector, sessionKey);
var establisher = new SessionEstablisher(context, cookieValue, _options);
tryEstablishSession = establisher.TryEstablishSession;
isNewSessionKey = true;
}
var feature = new SessionFeature();
feature.Session = _sessionStore.Create(sessionKey, TimeSpan.FromMinutes(120.0), TimeSpan.FromMinutes(3.0), tryEstablishSession, isNewSessionKey);
context.Features.Set <ISessionFeature>(feature);
try
{
await _next(context);
}
finally
{
context.Features.Set <ISessionFeature>(null);
if (feature.Session != null)
{
try
{
await feature.Session.CommitAsync(context.RequestAborted);
}
catch (OperationCanceledException ex)
{
_logger.LogError(ex.Message);
}
}
}
}
public async Task Invoke(HttpContext context)
{
var isNewSessionKey = false;
Func <bool> tryEstablishSession = ReturnTrue;
var sessionKey = context.Request.Cookies.Get(_options.CookieName);
if (string.IsNullOrWhiteSpace(sessionKey) || sessionKey.Length != SessionKeyLength)
{
// No valid cookie, new session.
var guidBytes = new byte[16];
CryptoRandom.GetBytes(guidBytes);
sessionKey = new Guid(guidBytes).ToString();
var establisher = new SessionEstablisher(context, sessionKey, _options);
tryEstablishSession = establisher.TryEstablishSession;
isNewSessionKey = true;
}
var feature = new SessionFeature();
feature.Factory = new SessionFactory(sessionKey, _options.Store, _options.IdleTimeout, tryEstablishSession, isNewSessionKey);
feature.Session = feature.Factory.Create();
context.SetFeature <ISessionFeature>(feature);
try
{
await _next(context);
}
finally
{
context.SetFeature <ISessionFeature>(null);
if (feature.Session != null)
{
try
{
feature.Session.Commit();
}
catch (Exception ex)
{
_logger.WriteError("Error closing the session.", ex);
}
}
}
}
public async Task Invoke(HttpContext context)
{
var isNewSessionKey = false;
Func<bool> tryEstablishSession = ReturnTrue;
var sessionKey = context.Request.Cookies.Get(_options.CookieName);
if (string.IsNullOrWhiteSpace(sessionKey) || sessionKey.Length != SessionKeyLength)
{
// No valid cookie, new session.
var guidBytes = new byte[16];
CryptoRandom.GetBytes(guidBytes);
sessionKey = new Guid(guidBytes).ToString();
var establisher = new SessionEstablisher(context, sessionKey, _options);
tryEstablishSession = establisher.TryEstablishSession;
isNewSessionKey = true;
}
var feature = new SessionFeature();
feature.Factory = new SessionFactory(sessionKey, _options.Store, _options.IdleTimeout, tryEstablishSession, isNewSessionKey);
feature.Session = feature.Factory.Create();
context.SetFeature<ISessionFeature>(feature);
try
{
await _next(context);
}
finally
{
context.SetFeature<ISessionFeature>(null);
if (feature.Session != null)
{
try
{
feature.Session.Commit();
}
catch (Exception ex)
{
_logger.WriteError("Error closing the session.", ex);
}
}
}
}
public async Task Invoke(HttpContext context)
{
var isNewSessionKey = false;
Func <bool> tryEstablishSession = ReturnTrue;
var headerName = DotNet.Configuration.Config.GetSection("Session:HeaderName").Value ?? _options.Cookie.Name;
var cookieValue = context.Request.Headers[headerName].ToString();
if (string.IsNullOrWhiteSpace(cookieValue))
{
cookieValue = context.Request.Cookies[_options.Cookie.Name];
}
var sessionKey = cookieValue;
if (string.IsNullOrWhiteSpace(sessionKey) || sessionKey.Length != SessionKeyLength)
{
// No valid cookie, new session.
var guidBytes = new byte[16];
CryptoRandom.GetBytes(guidBytes);
cookieValue = $"{new Guid(guidBytes):n}{Guid.NewGuid():n}";
sessionKey = cookieValue.ToMD5();
var establisher = new SessionEstablisher(context, cookieValue, _options);
tryEstablishSession = establisher.TryEstablishSession;
isNewSessionKey = true;
}
else
{
sessionKey = cookieValue.ToMD5();
}
var feature = new SessionFeature
{
Session = _sessionStore.Create(sessionKey, _options.IdleTimeout, _options.IOTimeout, tryEstablishSession, isNewSessionKey)
};
feature.Session.SetString("SessionKey", cookieValue);
context.Features.Set <ISessionFeature>(feature);
try
{
await _next(context);
}
finally
{
context.Features.Set <ISessionFeature>(null);
if (feature.Session != null)
{
try
{
await feature.Session.CommitAsync(context.RequestAborted);
}
catch (OperationCanceledException)
{
// _logger.SessionCommitCanceled();
}
catch (Exception)
{
//_logger.ErrorClosingTheSession(ex);
}
}
}
}
/// <summary>
/// Invokes the logic of the middleware.
/// </summary>
/// <param name="context">The <see cref="HttpContext"/>.</param>
/// <returns>A <see cref="Task"/> that completes when the middleware has completed processing.</returns>
public async Task Invoke(HttpContext context)
{
var isNewSessionKey = false;
Func <bool> tryEstablishSession = ReturnTrue;
var cookieValue = context.Request.Cookies[_options.Cookie.Name];
var sessionKey = CookieProtection.Unprotect(_dataProtector, cookieValue, _logger);
if (string.IsNullOrWhiteSpace(sessionKey) || sessionKey.Length != SessionKeyLength)
{
// No valid cookie, new session.
var guidBytes = new byte[16];
RandomNumberGenerator.Fill(guidBytes);
sessionKey = new Guid(guidBytes).ToString();
cookieValue = CookieProtection.Protect(_dataProtector, sessionKey);
var establisher = new SessionEstablisher(context, cookieValue, _options);
tryEstablishSession = establisher.TryEstablishSession;
isNewSessionKey = true;
}
var feature = new SessionFeature
{
Session = _sessionStore.Create(sessionKey, _options.IdleTimeout, _options.IOTimeout, tryEstablishSession, isNewSessionKey)
};
var isSessionStart = context.Request.Path.Value == "/api/authorization/logon";
var isSessionStartAs = context.Request.Path.Value == "/api/authorization/logonas";
var isSessionCheck = context.Request.Path.Value == "/api/session";
context.Features.Set <ISessionFeature>(feature);
if (!isSessionStart && !isSessionStartAs && !isSessionCheck)
{
var result = await _sessionService.ValidateSession(sessionKey).ConfigureAwait(false);
if (result == false)
{
context.Response.StatusCode = StatusCodes.Status403Forbidden;
await context.Response.WriteAsync("Session expired!");
return;
}
}
try
{
await _next(context);
}
finally
{
context.Features.Set <ISessionFeature>(null);
if (feature.Session != null)
{
try
{
await feature.Session.CommitAsync();
}
catch (OperationCanceledException)
{
_logger.SessionCommitCanceled();
}
catch (Exception ex)
{
_logger.ErrorClosingTheSession(ex);
}
}
}
}
