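        /// <summary>
        /// Authorization filter for API requests. Rejects a request with no body (400),
        /// a request from an address the contract does not allow (403) and, when token
        /// checking is enabled and the caller is authenticated, a request whose body
        /// token does not match the context token (400).
        /// </summary>
        /// <param name="filterContext">Authorization context of the current request.</param>
        public void OnAuthorization(AuthorizationFilterContext filterContext)
        {
            if (filterContext.HttpContext?.Request?.Body == null)
            {
                filterContext.HttpContext.Response.StatusCode = StatusCodes.Status400BadRequest;
                filterContext.Result = new JsonResult(
                    new
                    {
                        // No request body to build a context from, so a minimal
                        // context is created only for the error message.
                        Message = Displays.BadRequest(context: new ContextImplement(
                            sessionStatus: false,
                            sessionData: false,
                            item: false))
                    });
                return;
            }
            // Buffering lets the body be rewound after it is read here so the action
            // can read it again; the reader must therefore leave the stream open.
            // NOTE(review): ReadToEnd is a synchronous body read; ASP.NET Core 3+
            // rejects synchronous I/O unless AllowSynchronousIO is enabled — confirm
            // the server configuration.
            filterContext.HttpContext.Request.EnableBuffering();
            string requestData;
            using (var reader = new StreamReader(
                stream: filterContext.HttpContext.Request.Body,
                encoding: Encoding.UTF8,
                detectEncodingFromByteOrderMarks: true,
                bufferSize: 1024,
                leaveOpen: true))
            {
                requestData = reader.ReadToEnd();
            }
            filterContext.HttpContext.Request.Body.Position = 0;
            var context = new ContextImplement(
                sessionStatus: false,
                sessionData: false,
                item: false,
                setPermissions: false,
                apiRequestBody: requestData);

            if (!context.ContractSettings.AllowedIpAddress(context.UserHostAddress))
            {
                filterContext.HttpContext.Response.StatusCode = StatusCodes.Status403Forbidden;
                filterContext.Result = new JsonResult(
                    new
                    {
                        Message = Displays.InvalidIpAddress(context: context)
                    });
                return;
            }
            // The token is only required from callers that are already authenticated
            // (User.Identity.IsAuthenticated); unauthenticated requests skip this check.
            if (Parameters.Security.TokenCheck &&
                filterContext.HttpContext.User?.Identity?.IsAuthenticated == true)
            {
                var api = requestData?.Deserialize<Api>();
                if (!TokenMatches(api?.Token, context.Token()))
                {
                    filterContext.HttpContext.Response.StatusCode = StatusCodes.Status400BadRequest;
                    filterContext.Result = new JsonResult(
                        new
                        {
                            Message = Displays.BadRequest(context: context)
                        });
                    return;
                }
            }

            // Compares the submitted token with the expected one in fixed time instead
            // of with the short-circuiting string operator. A null on either side keeps
            // the original equality semantics: equal only when both are null.
            bool TokenMatches(string actual, string expected)
            {
                if (actual == null || expected == null)
                {
                    return actual == expected;
                }
                return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    Encoding.UTF8.GetBytes(actual),
                    Encoding.UTF8.GetBytes(expected));
            }
        }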
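        /// <summary>
        /// Authorization filter for page requests. Redirects when parameter syntax
        /// errors exist, signs out an authenticated session that comes from a
        /// disallowed address or is past the contract deadline, rejects a form post
        /// whose token does not match the context token, and runs Windows
        /// authentication for a caller that has a login id but no authenticated session.
        /// </summary>
        /// <param name="filterContext">Authorization context of the current request.</param>
        public void OnAuthorization(AuthorizationFilterContext filterContext)
        {
            var context = new ContextImplement(
                sessionStatus: false,
                sessionData: false,
                item: false,
                setPermissions: false);

            if (context.Controller != "errors" && Parameters.SyntaxErrors?.Any() == true)
            {
                // NOTE(review): no return here, so a later check may replace this
                // redirect with its own result — confirm this is intended.
                filterContext.Result = new RedirectResult(
                    Locations.ParameterSyntaxError(context: context));
            }
            if (context.Authenticated &&
                !context.ContractSettings.AllowedIpAddress(context.UserHostAddress))
            {
                Authentications.SignOut(context: context);
                filterContext.Result = new RedirectResult(
                    Locations.InvalidIpAddress(context: context));
                return;
            }
            if (context.Authenticated &&
                context.ContractSettings.OverDeadline(context: context))
            {
                Authentications.SignOut(context: context);
                filterContext.Result = new RedirectResult(
                    Locations.Login(context: context) + "?expired=1");
                return;
            }
            // The token check applies to form posts only (form content type with at
            // least one field); requests of other shapes are not validated here.
            if (context.Authenticated &&
                Parameters.Security.TokenCheck &&
                filterContext.HttpContext.Request.HasFormContentType &&
                filterContext.HttpContext.Request.Form.Count > 0 &&
                !TokenMatches(filterContext.HttpContext.Request.Form["Token"], context.Token()))
            {
                filterContext.HttpContext.Response.StatusCode =
                    Microsoft.AspNetCore.Http.StatusCodes.Status400BadRequest;
                // XHR callers get a JSON message; everyone else gets plain content.
                if (filterContext.HttpContext.Request.Headers["X-Requested-With"] == "XMLHttpRequest")
                {
                    filterContext.Result = new JsonResult(
                        new
                        {
                            Message = Displays.InvalidRequest(context: context)
                        });
                }
                else
                {
                    filterContext.Result = new ContentResult()
                    {
                        Content = Displays.InvalidRequest(context: context)
                    };
                }
                return;
            }
            if (!context.LoginId.IsNullOrEmpty() && !context.Authenticated)
            {
                if (Authentications.Windows(context: context))
                {
                    filterContext.Result = new EmptyResult();
                }
                else
                {
                    Authentications.SignOut(context: context);
                    filterContext.Result = new RedirectResult(
                        Locations.Login(context: context));
                }
                return;
            }
            SiteInfo.Reflesh(context: context);

            // Compares the submitted token with the expected one in fixed time instead
            // of with the short-circuiting string operator. A null on either side keeps
            // the original equality semantics: equal only when both are null (an absent
            // form field converts to null).
            bool TokenMatches(string actual, string expected)
            {
                if (actual == null || expected == null)
                {
                    return actual == expected;
                }
                return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    System.Text.Encoding.UTF8.GetBytes(actual),
                    System.Text.Encoding.UTF8.GetBytes(expected));
            }
        }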