/// <summary>
/// Attaches the session cookie to a successful response when the session asks for it.
/// </summary>
/// <param name="request">Request whose session ID and host are written into the cookie.</param>
/// <param name="response">Response that receives the cookie.</param>
/// <param name="errorMessage">Always set to <c>null</c>.</param>
/// <returns>Always <c>true</c>.</returns>
public override bool PostProcess(BadrRequest request, BadrResponse response, out string errorMessage)
{
    CookiesSettings cookiesSettings = SiteManager.Settings.Cookies;
    errorMessage = null;

    // A cookie configured as secure-only is never issued over a non-secure request.
    if (cookiesSettings.SessionSecure && !request.IsSecure)
    {
        return true;
    }

    if (!response.Status.IsSuccess())
    {
        return true;
    }

    if (request.Session == null || !request.Session.SendCookie)
    {
        return true;
    }

    // NOTE(review): an explicit Domain attribute usually makes browsers send the cookie to
    // subdomains as well; confirm a host-only cookie is not what is wanted here.
    HttpCookieFragment sessionCookie = new HttpCookieFragment(
        name: CookieNames.SESSION_ID,
        value: request.Session.ID,
        path: "/",
        domain: request.DomainUri.Host);

    // NOTE(review): cookiesSettings was already dereferenced above, so this null test cannot
    // be what protects against missing cookie settings.
    if (cookiesSettings != null)
    {
        bool persistent = !SiteManager.Settings.Cookies.SessionExpireAtBrowserClose;
        if (persistent)
        {
            sessionCookie[HttpCookieFragment.ATTR_MAX_AGE] = cookiesSettings.SessionAge.ToString();
        }

        // Secure and HttpOnly follow configuration; HttpOnly is not forced on.
        // NOTE(review): no SameSite attribute is set in this method.
        sessionCookie.IsSecure = cookiesSettings.SessionSecure;
        sessionCookie.IsHttpOnly = cookiesSettings.SessionHttpOnly;
    }

    response.Cookies[CookieNames.SESSION_ID] = sessionCookie;
    return true;
}
/// <summary>
/// Runs one request through host validation, middleware pre-processing, URL-to-view
/// dispatch and middleware post-processing, and returns the resulting response.
/// </summary>
/// <param name="request">The incoming request.</param>
/// <returns>
/// The view's response (which may be <c>null</c> when the view returns <c>null</c>), a 405 for
/// an invalid method, a 404 for any other failure when debug is off, or a debug response
/// built from the exception when debug is on.
/// </returns>
public HttpResponse Handle(BadrRequest request) {
    string exceptionMessage = null;
    string errorMessage;
    BadrResponse response = null;
    try {
        // NOTE(review): when request is null this throw lands in the catch below, which
        // then passes the same null request to BadrResponse.Create / CreateDebugResponse.
        if (request == null) throw new Exception ("Request is not a BadrRequest");
        if (!request.ValidMethod) return BadrResponse.Create (request, HttpResponseStatus._405);
        // The Host header is checked before any middleware or view runs.
        if (ValidateHost (request.Headers [HttpRequestHeaders.Host])) {
            MiddlewareProcessStatus middlewarePreProcessStatus = SiteManager.Middlewares.PreProcess (request, out errorMessage);
            // A Stop flag from any middleware skips the view entirely.
            if ((middlewarePreProcessStatus & MiddlewareProcessStatus.Stop) == MiddlewareProcessStatus.Stop) exceptionMessage = string.Format ("Request pre-processing error: {0}", errorMessage);
            else {
                ViewUrl viewUrl = SiteManager.Urls.GetViewUrl (request.Resource);
                if (viewUrl != null) {
                    request.ViewUrl = viewUrl;
                    response = viewUrl.View (request, viewUrl.GetArgs (request.Resource));
                }
                // NOTE(review): request.Resource is client-supplied and ends up in the log
                // message; confirm the logger neutralises line breaks.
                else exceptionMessage = string.Format ("Unknown resource url: {0}", request.Resource);
                // Post-processing only runs when the view produced a response.
                if (response != null) if (!SiteManager.Middlewares.PostProcess (request, response, out errorMessage)) exceptionMessage = string.Format ("Request post-processing error: {0}", errorMessage);
            }
        }
        // NOTE(review): the rejected Host header value is copied into the exception message
        // and logged by the catch block; same log-sanitising question as above.
        else throw new Exception (string.Format ("Unknown host '{0}'", request.Headers [HttpRequestHeaders.Host]));
        if (exceptionMessage != null) {
            if (SiteManager.Settings.Debug) throw new Exception (exceptionMessage);
            else {
                _Logger.Error (exceptionMessage);
                // Every failure recorded above, including a middleware pre-processing stop,
                // is reported to the client as 404 rather than a more specific status.
                return BadrResponse.Create (request, HttpResponseStatus._404);
            }
        }
        else return response;
    } catch (Exception ex) {
        _Logger.Error (ex.Message, ex);
        // NOTE(review): with Debug enabled the exception object is handed to the response
        // builder; presumably its details reach the client, so Debug should stay off in
        // production. Confirm what CreateDebugResponse renders.
        if (SiteManager.Settings.Debug) return BadrResponse.CreateDebugResponse (request, ex);
        else return BadrResponse.Create (request, HttpResponseStatus._404);
    }
}
/// <summary>
/// Loads one model instance named by the URL arguments and renders it.
/// </summary>
/// <param name="request">The current request.</param>
/// <param name="args">URL arguments: index 1 is the model name, "model_id" the instance ID.</param>
/// <returns>A response created from a template context holding the model name and instance.</returns>
/// <remarks>
/// int.Parse throws when "model_id" is missing or not numeric.
/// NOTE(review): the model name and ID both come from the URL and no authorization check is
/// visible in this method; confirm access control is enforced elsewhere.
/// </remarks>
public static BadrResponse ModelView(BadrRequest request, UrlArgs args)
{
    var manager = Model.Manager(args[1]);
    int modelId = int.Parse(args["model_id"]);
    dynamic model = manager.Get(modelId);

    dynamic tc = new TemplateContext();
    tc.modelName = args[1];
    tc.model = model;

    return BadrResponse.Create(request, tc);
}
/// <summary>
/// Renders one page (20 entries) of the model named by the URL arguments.
/// </summary>
/// <param name="request">The current request.</param>
/// <param name="args">URL arguments: index 1 is the model name, "page_num" the optional page number.</param>
/// <returns>A response created from a template context holding the model name and the page.</returns>
/// <remarks>
/// The page number defaults to 1 when "page_num" is absent; int.Parse throws on a
/// non-numeric value.
/// NOTE(review): the page number is not range-checked here and no authorization check is
/// visible; confirm both are handled by the model manager or a middleware.
/// </remarks>
public static BadrResponse ModelListView(BadrRequest request, UrlArgs args)
{
    const int pageSize = 20;

    string modelName = args[1];
    string pageNum = args["page_num"];

    var manager = Model.Manager(modelName);
    int pageIndex = 1;
    if (pageNum != null)
    {
        pageIndex = int.Parse(pageNum);
    }

    dynamic modelsPage = manager.Page(pageIndex, pageSize);

    dynamic tc = new TemplateContext ();
    tc.modelName = modelName;
    tc.modelsPage = modelsPage;

    return BadrResponse.Create (request, tc);
}
/// <summary>
/// Runs every registered middleware's post-processing step in order.
/// </summary>
/// <param name="wRequest">The request being handled.</param>
/// <param name="wResponse">The response produced by the view.</param>
/// <param name="errorMessage">The message reported by the last middleware that ran, or <c>null</c>.</param>
/// <returns>
/// The result of the middleware at which iteration ended; <c>true</c> when all ran and succeeded.
/// </returns>
public bool PostProcess(BadrRequest wRequest, BadrResponse wResponse, out string errorMessage)
{
    errorMessage = null;

    foreach (MiddlewareBase middleware in _middlewares)
    {
        bool succeeded = middleware.PostProcess(wRequest, wResponse, out errorMessage);

        // Stop as soon as a middleware fails or the response is no longer a success;
        // later middlewares (e.g. ones that set cookies) are then skipped.
        if (!succeeded || !wResponse.Status.IsSuccess())
        {
            return succeeded;
        }
    }

    return true;
}
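/// <summary>
/// Rejects requests with a non-safe HTTP method unless the submitted form field
/// matches the request's CSRF token.
/// </summary>
/// <param name="request">The incoming request.</param>
/// <param name="errorMessage">Set to a description when the token check fails; otherwise <c>null</c>.</param>
/// <returns>
/// <see cref="MiddlewareProcessStatus.ErrorStop"/> when the token is missing, blank or different;
/// <see cref="MiddlewareProcessStatus.Continue"/> otherwise.
/// </returns>
public override MiddlewareProcessStatus PreProcess(BadrRequest request, out string errorMessage)
{
    errorMessage = null;

    if (HttpRequest.IsSafeMethod(request.Method))
    {
        return MiddlewareProcessStatus.Continue;
    }

    // A blank request token must never validate: without this guard an empty token
    // would compare equal to an empty form field and the check would pass.
    // NOTE(review): the string comparison below is not constant-time; consider a
    // fixed-time comparison if the target framework provides one.
    bool tokenAccepted = !string.IsNullOrWhiteSpace(request.CsrfToken)
        && request.POST.Contains(CSRF_INPUT_NAME)
        && request.CsrfToken == request.POST[CSRF_INPUT_NAME].ToString();

    if (tokenAccepted)
    {
        return MiddlewareProcessStatus.Continue;
    }

    errorMessage = "POST request does not contain valid csrf token";
    _Logger.Error(errorMessage);

    // The original author's note here reads "WResponseStatus._403".
    return MiddlewareProcessStatus.ErrorStop;
}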
/// <summary>
/// Runs every registered middleware's pre-processing step in order until one asks to stop.
/// </summary>
/// <param name="wRequest">The request being handled.</param>
/// <param name="errorMessage">The message from the last middleware that ran, or a null-request notice.</param>
/// <returns>
/// <see cref="MiddlewareProcessStatus.ErrorStop"/> for a null request, the status of the first
/// middleware whose status carries the Stop flag, or <see cref="MiddlewareProcessStatus.Continue"/>.
/// </returns>
public MiddlewareProcessStatus PreProcess(BadrRequest wRequest, out string errorMessage)
{
    if (wRequest == null)
    {
        errorMessage = "Request is null";
        return MiddlewareProcessStatus.ErrorStop; // original note: "._501"
    }

    errorMessage = null;

    foreach (MiddlewareBase middleware in _middlewares)
    {
        MiddlewareProcessStatus status = middleware.PreProcess(wRequest, out errorMessage);
        bool stopRequested = (status & MiddlewareProcessStatus.Stop) == MiddlewareProcessStatus.Stop;

        // The first middleware that raises Stop ends the chain; later checks do not run.
        if (stopRequested)
        {
            return status;
        }
    }

    return MiddlewareProcessStatus.Continue;
}
/// <summary>
/// Attaches the CSRF token cookie to a successful response when the request carries a token.
/// </summary>
/// <param name="request">Request whose CSRF token and host are written into the cookie.</param>
/// <param name="response">Response that receives the cookie.</param>
/// <param name="errorMessage">Always set to <c>null</c>.</param>
/// <returns>Always <c>true</c>.</returns>
public override bool PostProcess(BadrRequest request, BadrResponse response, out string errorMessage)
{
    errorMessage = null;

    // A cookie configured as secure-only is never issued over a non-secure request.
    if (SiteManager.Settings.Cookies.CsrfSecure && !request.IsSecure)
    {
        return true;
    }

    if (!response.Status.IsSuccess())
    {
        return true;
    }

    if (!IsValidCsrf(request))
    {
        return true;
    }

    // NOTE(review): an explicit Domain attribute usually widens the cookie to subdomains;
    // confirm that is intended for the CSRF token.
    HttpCookieFragment csrfCookie = new HttpCookieFragment(
        name: CookieNames.CSRF_TOKEN,
        value: request.CsrfToken,
        path: "/",
        domain: request.DomainUri.Host);

    // NOTE(review): the settings object was already dereferenced above, so this null test
    // is not what guards against missing cookie settings. Only the Secure flag is set
    // here; HttpOnly and SameSite are left at whatever HttpCookieFragment defaults to.
    if (SiteManager.Settings.Cookies != null)
    {
        csrfCookie.IsSecure = SiteManager.Settings.Cookies.CsrfSecure;
    }

    response.Cookies[CookieNames.CSRF_TOKEN] = csrfCookie;
    return true;
}
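/// <summary>
/// Serves a static file named by the URL arguments, answering 304 when the client's
/// If-Modified-Since date is not older than the file.
/// </summary>
/// <param name="request">The current request.</param>
/// <param name="args">URL arguments; the static resource group holds the resource path.</param>
/// <returns>
/// A 200 response with the file bytes, a 304 response with no body, or <c>null</c> when
/// no resource path is present in <paramref name="args"/>.
/// </returns>
public static BadrResponse ServeStaticFiles(BadrRequest request, UrlArgs args = null)
{
    string resourcePath = null;
    if (args != null)
    {
        resourcePath = args[STATIC_RESOURCE_GROUP_NAME];
    }

    if (resourcePath == null)
    {
        return null;
    }

    // NOTE(review): resourcePath comes straight from the URL and no normalisation or
    // containment check is visible here; confirm StaticFilesManager rejects paths that
    // resolve outside the static root (e.g. ".." segments or absolute paths).
    DateTime resourceLastModificationDate = StaticFilesManager.GetLastModificationTimeUtc(resourcePath);

    bool reloadFile = true;
    string ifModifiedSince = request.Headers[HttpRequestHeaders.IfModifiedSince];
    DateTime clientLastModificationDate;

    // Parse the header as a UTC instant: the default DateTime.TryParse converts a "GMT"
    // date to local time, which would then be compared against a UTC file time.
    if (ifModifiedSince != null
        && DateTime.TryParse(
            ifModifiedSince,
            global::System.Globalization.CultureInfo.InvariantCulture,
            global::System.Globalization.DateTimeStyles.AdjustToUniversal
                | global::System.Globalization.DateTimeStyles.AssumeUniversal,
            out clientLastModificationDate))
    {
        // The Last-Modified header only carries whole seconds, so drop the file time's
        // sub-second part before comparing; otherwise an unchanged file always looks newer.
        DateTime resourceWholeSeconds = resourceLastModificationDate.AddTicks(
            -(resourceLastModificationDate.Ticks % TimeSpan.TicksPerSecond));
        reloadFile = resourceWholeSeconds.CompareTo(clientLastModificationDate) > 0;
    }

    BadrResponse response;
    if (reloadFile)
    {
        response = new StaticResponse(request, MimeMapping.GetMimeMapping(resourcePath))
        {
            Status = HttpResponseStatus._200,
            BodyBytes = StaticFilesManager.GetFileBytes(resourcePath)
        };
    }
    else
    {
        response = new BadrResponse(request)
        {
            Status = HttpResponseStatus._304
        };
    }

    response.Headers.Add(HttpResponseHeaders.LastModified, resourceLastModificationDate.ToString("r"));
    return response;
}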
/// <summary>
/// Creates a render context bound to a request, with an empty output buffer.
/// </summary>
/// <param name="badrRequest">The request stored on the context.</param>
public RenderContext(BadrRequest badrRequest)
{
    _renderedTemplate = new StringBuilder();
    BadrRequest = badrRequest;
}
/// <summary>
/// Reports whether the request carries a CSRF token that is not null, empty or blank.
/// </summary>
/// <param name="request">The request to inspect.</param>
/// <returns><c>true</c> when the token contains at least one non-whitespace character.</returns>
/// <remarks>
/// This is a presence check only: it says nothing about the token's length, format or origin.
/// </remarks>
private bool IsValidCsrf(BadrRequest request)
{
    return !string.IsNullOrWhiteSpace(request.CsrfToken);
}
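/// <summary>
/// Resolves the CSRF special tag to a hidden form input carrying the request's token,
/// generating a token first when the request has none.
/// </summary>
/// <param name="request">The current request; its token may be assigned here.</param>
/// <param name="spetagName">Name of the special tag being resolved.</param>
/// <param name="result">The hidden input markup, or the base class's result for other tags.</param>
/// <returns><c>true</c> when this middleware handled the tag; otherwise the base class's result.</returns>
public override bool ResolveSpecialTag(BadrRequest request, string spetagName, out string result)
{
    if (request == null || spetagName != CSRF_SPE_TAG_NAME)
    {
        return base.ResolveSpecialTag(request, spetagName, out result);
    }

    if (!IsValidCsrf(request))
    {
        request.CsrfToken = Security.GenerateId(24);
    }

    // An existing token is accepted on a non-blank check alone, and presumably it can
    // originate from the client (TODO confirm where CsrfToken is populated). Encode it so a
    // crafted value cannot break out of the attribute and inject markup. The browser decodes
    // the attribute, so the submitted form value still equals the token.
    string encodedToken = global::System.Net.WebUtility.HtmlEncode(request.CsrfToken);

    result = string.Format(
        "<input type=\"hidden\" name=\"{0}\" value=\"{1}\"/>",
        CSRF_INPUT_NAME,
        encodedToken);
    return true;
}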
/// <summary>
/// Binds a session to the request, reusing the session ID from the cookie or generating one.
/// </summary>
/// <param name="request">The incoming request; its Session property is assigned here.</param>
/// <param name="errorMessage">Always set to <c>null</c>.</param>
/// <returns>Always <see cref="MiddlewareProcessStatus.Continue"/>.</returns>
public override MiddlewareProcessStatus PreProcess(BadrRequest request, out string errorMessage)
{
    errorMessage = null;

    string sessionId = request.Cookies[CookieNames.SESSION_ID].Value;
    bool mustIssueId = string.IsNullOrWhiteSpace(sessionId);

    // NOTE(review): any non-blank cookie value is adopted as the session ID; no check is
    // visible here that the server issued it. Confirm BadrSession rejects unknown IDs,
    // otherwise a client-chosen ID is accepted (session fixation).
    if (mustIssueId)
    {
        sessionId = Security.GenerateId(24);
    }

    // The cookie is only sent back when the ID was generated by this call.
    BadrSession session = new BadrSession(sessionId);
    session.SendCookie = mustIssueId;
    request.Session = session;

    return MiddlewareProcessStatus.Continue;
}
/// <summary>
/// Placeholder view: ignores its arguments and always returns <c>null</c>.
/// </summary>
/// <param name="request">Unused.</param>
/// <param name="args">Unused.</param>
/// <returns>Always <c>null</c>.</returns>
private BadrResponse View1(BadrRequest request, UrlArgs args) { return null; }
/// <summary>
/// Placeholder view: ignores its arguments and always returns <c>null</c>.
/// </summary>
/// <param name="request">Unused.</param>
/// <param name="args">Unused.</param>
/// <returns>Always <c>null</c>.</returns>
private BadrResponse EmptyView(BadrRequest request, UrlArgs args) { return null; }
/// <summary>
/// Resolves the session special tag to the current session's ID.
/// </summary>
/// <param name="request">The current request.</param>
/// <param name="spetagName">Name of the special tag being resolved.</param>
/// <param name="result">The session ID, or the base class's result for other tags.</param>
/// <returns><c>true</c> when this middleware handled the tag; otherwise the base class's result.</returns>
/// <remarks>
/// NOTE(review): the session ID is returned as-is. If templates place it in page output it
/// becomes readable by page scripts even when the cookie is HttpOnly, and it is not encoded
/// here; confirm callers encode it and that exposing it is intended. request.Session is
/// dereferenced without a null check.
/// </remarks>
public override bool ResolveSpecialTag(BadrRequest request, string spetagName, out string result)
{
    bool isSessionTag = request != null && spetagName == SESSION_SPE_TAG_NAME;
    if (!isSessionTag)
    {
        return base.ResolveSpecialTag(request, spetagName, out result);
    }

    result = request.Session.ID;
    return true;
}
/// <summary>
/// Asks each registered middleware in turn to resolve a special tag and returns the
/// first resolved value.
/// </summary>
/// <param name="wRequest">The current request.</param>
/// <param name="spetagName">Name of the special tag to resolve.</param>
/// <returns>
/// The value from the first middleware that handled the tag; otherwise whatever the last
/// middleware wrote to its out parameter, or an empty string when none are registered.
/// </returns>
public string ResolveSpecialTag(BadrRequest wRequest, string spetagName)
{
    string resolved = string.Empty;

    foreach (MiddlewareBase middleware in _middlewares)
    {
        bool handled = middleware.ResolveSpecialTag(wRequest, spetagName, out resolved);
        if (handled)
        {
            break;
        }
    }

    return resolved;
}
/// <summary>
/// Creates a static response; all arguments are forwarded unchanged to the base constructor.
/// </summary>
/// <param name="request">The request this response answers.</param>
/// <param name="contenttype">Content type; defaults to DEFAULT_CONTENT_TYPE.</param>
/// <param name="charset">Character set; defaults to DEFAULT_CHARSET.</param>
public StaticResponse(BadrRequest request, string contenttype = DEFAULT_CONTENT_TYPE, string charset = DEFAULT_CHARSET) : base(request, contenttype, charset) { }
/// <summary>
/// Renders this template for a request and context.
/// </summary>
/// <param name="request">The current request, passed to the render context.</param>
/// <param name="context">Values made available to the template.</param>
/// <returns>The raw template content for a static template, otherwise the rendered output.</returns>
/// <exception cref="TemplateException">
/// Thrown when the template contains errors; the message joins every error message,
/// one per line.
/// </exception>
public string Render(BadrRequest request, TemplateContext context)
{
    if (ContainsErrors)
    {
        string combinedErrors = string.Join(Environment.NewLine, Errors.Select(te => te.Message));
        throw new TemplateException(combinedErrors, this);
    }

    // Static templates need no evaluation and are returned verbatim.
    if (_isStaticTemplate)
    {
        return TemplateContent;
    }

    RenderContext renderContext = new RenderContext(request);
    return renderContext.Render(_scope0, context);
}
/// <summary>
/// Default special-tag resolver: handles no tag.
/// </summary>
/// <param name="request">Unused by the default implementation.</param>
/// <param name="spetagName">Unused by the default implementation.</param>
/// <param name="result">Always set to an empty string.</param>
/// <returns>Always <c>false</c>.</returns>
public virtual bool ResolveSpecialTag(BadrRequest request, string spetagName, out string result)
{
    result = string.Empty;
    return false;
}
/// <summary>
/// Pre-processing hook that each middleware must implement.
/// </summary>
/// <param name="request">The incoming request.</param>
/// <param name="errorMessage">Receives the implementation's error description, if any.</param>
/// <returns>A status value produced by the implementation.</returns>
public abstract MiddlewareProcessStatus PreProcess(BadrRequest request, out string errorMessage);
/// <summary>
/// Post-processing hook that each middleware must implement.
/// </summary>
/// <param name="request">The request being handled.</param>
/// <param name="response">The response to inspect or modify.</param>
/// <param name="errorMessage">Receives the implementation's error description, if any.</param>
/// <returns>A success flag produced by the implementation.</returns>
public abstract bool PostProcess(BadrRequest request, BadrResponse response, out string errorMessage);