MvcContext CreateContext(HttpRequest request)
{
var context = new MvcContext(request, this.settings, this.sessions);
context.Route = Route.Parse(request.Url, this.settings);
context.Settings = this.settings;
context.Request = request;
return context;
}
public override HttpResponse Execute(MvcContext context)
{
if(!((MvcContext)context).User.IsAdmin)
{
var url = context.Settings["adminLogin"] as string ?? DefaultLogin;
url = UrlUtil.SetQueryValue(url, "callback", context.Request.Url.AbsolutePath);
return new RedirectResponse(url);
}
return null;
}
public User Load(MvcContext context, bool createIfNotExists)
{
var user = Load(context);
if(user == null && createIfNotExists)
{
user = New();
}
return user;
}
void ApplyResponseHeaders(HttpResponse response, MvcContext context)
{
foreach(var header in context.ResponseHeaders)
{
response.Headers[header.Key] = header.Value;
}
foreach(var cookie in context.ResponseCookies)
{
response.Cookies[cookie.Key] = cookie.Value;
}
}
public HttpResponse Invoke(MvcContext context)
{
var path = context.Route.ToString();
ActionInfo action;
if(Actions.TryGetValue(path, out action))
{
var response = Invoke(action, context);
ApplyResponseHeaders(response, context);
return response;
}
return null;
}
HttpResponse Invoke(ActionInfo action, MvcContext context)
{
// Ejecuta las validaciones de seguridad, HttpPost, etc...
var response = ExecuteFilters(action, context);
if(response != null)
{
return response;
}
var method = action.MethodInfo;
if(method.IsStatic)
{
var parameters = new object[] { context };
return method.Invoke(null, parameters) as HttpResponse;
}
else
{
var controller = Activator.CreateInstance(action.ControllerType) as Controller;
if(controller == null)
{
return null;
}
controller.Context = context;
try
{
response = method.Invoke(controller, null) as HttpResponse;
}
catch(TargetInvocationException ex)
{
// interesa únicamente el origen de la excepción
throw ex.InnerException;
}
return response;
}
}
void SaveInCookie(MvcContext context, User user, bool isPersistent)
{
var cookie = new HttpCookie();
cookie.Name = CookieName;
cookie.Value = UrlUtil.UrlEncode(user.SessionId); // solo mandar caracteres válidos a la cookie
cookie.HttpOnly = true;
// si es persistente especifica la fecha, si no dura lo que la sesión del navegador.
if (isPersistent)
{
cookie.Expiration = DateTime.UtcNow.AddDays(CookieExpirationDays);
}
context.ResponseCookies.Add(CookieName, cookie);
}
User Load(MvcContext context)
{
var cookie = context.Request.Cookies[CookieName];
if(cookie == null)
{
return null;
}
var sessionId = UrlUtil.UrlDecode(cookie.Value);
if(string.IsNullOrWhiteSpace(sessionId))
{
return null;
}
var expirationLimit = DateTime.UtcNow.AddDays(-30);
var cacheKey = GetCacheKey(sessionId);
var user = Cache.Default[cacheKey] as User;
if(user != null)
{
if(user.CreateDate < expirationLimit)
{
Cache.Default.Remove(cacheKey);
return null;
}
return user;
}
if(this.persistent)
{
using(var orm = CreateOrm())
{
// buscar si no en la base de datos
var query = Query.SelectAllFrom("session").WhereIsEqual("sessionId", sessionId).Limit(1);
query.IsEqualOrGreater("createdate", expirationLimit);
var r = orm.LoadFirst(query);
return r != null ? ToSession(r) : null;
}
}
return null;
}
public void Save(MvcContext context, bool persistent)
{
if (context == null)
{
throw new ArgumentNullException();
}
var user = context.User;
Cache.Default[GetCacheKey(user.SessionId)] = user;
SaveInDatabase(user);
SaveInCookie(context, user, persistent);
}
static HttpResponse ExecuteFilters(ActionInfo action, MvcContext context)
{
// Execute controller filters
foreach(FilterAttribute filter in action.ControllerType.GetCustomAttributes(typeof(FilterAttribute), true))
{
var response = filter.Execute(context);
if(response != null)
{
return response;
}
}
// Execute action filters
foreach(FilterAttribute filter in action.MethodInfo.GetCustomAttributes(typeof(FilterAttribute), true))
{
var response = filter.Execute(context);
if(response != null)
{
return response;
}
}
return null;
}
// Se ejecuta en cada petición. Si devuelve null la ejecución prosigue normalmente. // Si devuelve una respuesta la ejecución se corta. public abstract HttpResponse Execute(MvcContext context);