示例#1
        /// <summary>
        /// Authorization filter hook: builds a <c>Context</c> for tenant 0 and, when that
        /// context's <c>Publish</c> flag is false, short-circuits the request with a redirect
        /// to the bad-request location.
        /// </summary>
        /// <param name="filterContext">Filter context whose <c>Result</c> is set on rejection.</param>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            var context = new Context(tenantId: 0);

            // Publish set: leave Result untouched so the pipeline continues.
            if (context.Publish)
            {
                return;
            }

            // NOTE(review): the rejection is a redirect, not a 4xx status code; callers that
            // inspect status codes will see a 302 - confirm that is intended.
            var badRequestUrl = Locations.BadRequest(context: context);
            filterContext.Result = new RedirectResult(badRequestUrl);
        }
示例#2
        /// <summary>
        /// Authorization filter hook. Runs a fixed sequence of checks against a freshly built
        /// <c>Context</c>; the first check that fails after the syntax-error check signs the
        /// user out (where applicable), sets <c>filterContext.Result</c> and returns. When no
        /// check rejects the request, <c>SiteInfo.Reflesh</c> is called.
        /// </summary>
        /// <param name="filterContext">Filter context whose <c>Result</c> is set on rejection.</param>
        public void OnAuthorization(AuthorizationContext filterContext)
        {
            var context = new Context(
                sessionStatus: false,
                sessionData: false);

            // 1. Parameter syntax errors (skipped on the "errors" controller).
            // NOTE(review): this branch does not return, so every later check still runs and
            // may overwrite Result, and SiteInfo.Reflesh is still reached - confirm the
            // fall-through is deliberate.
            var hasSyntaxErrors = context.Controller != "errors"
                && Parameters.SyntaxErrors?.Any() == true;
            if (hasSyntaxErrors)
            {
                var syntaxErrorUrl = Locations.ParameterSyntaxError(context: context);
                filterContext.Result = new RedirectResult(syntaxErrorUrl);
            }

            // 2. Authenticated session from an address the contract settings do not allow:
            //    terminate the session before redirecting.
            // NOTE(review): the check uses context.UserHostAddress; behind a reverse proxy or
            // load balancer that may be the proxy's address rather than the client's - verify
            // how Context populates it.
            var addressRejected = context.Authenticated
                && !context.ContractSettings.AllowedIpAddress(context.UserHostAddress);
            if (addressRejected)
            {
                Authentications.SignOut();
                var badRequestUrl = Locations.BadRequest(context: context);
                filterContext.Result = new RedirectResult(badRequestUrl);
                return;
            }

            // 3. Authenticated session whose contract is past its deadline: sign out and send
            //    the user to the login page with the expired marker.
            var contractExpired = context.Authenticated
                && context.ContractSettings.OverDeadline(context: context);
            if (contractExpired)
            {
                Authentications.SignOut();
                var expiredLoginUrl = Locations.Login(context: context) + "?expired=1";
                filterContext.Result = new RedirectResult(expiredLoginUrl);
                return;
            }

            // 4. A login id is present but the context is not authenticated. Both outcomes
            //    end the filter: an EmptyResult when Authentications.Windows() reports true,
            //    otherwise sign-out plus a redirect to the login page.
            if (!context.LoginId.IsNullOrEmpty() && !context.Authenticated)
            {
                if (Authentications.Windows())
                {
                    filterContext.Result = new EmptyResult();
                }
                else
                {
                    Authentications.SignOut();
                    var loginUrl = Locations.Login(context: context);
                    filterContext.Result = new RedirectResult(loginUrl);
                }
                return;
            }

            // No check terminated the request.
            SiteInfo.Reflesh(context: context);
        }
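 // Serializes this filter's read-modify-write access to Defenses.RequestVolume, which is
 // shared by all concurrently executing requests.
 private static readonly object RequestVolumeGate = new object();

 /// <summary>
 /// Per-address request limiter. When <c>Parameters.Security.RequestLimit</c> is positive,
 /// counts requests per <c>UserHostAddress</c> within the current minute and redirects to
 /// the bad-request location once the count exceeds the limit.
 /// </summary>
 /// <remarks>
 /// Changes from the previous implementation:
 /// the counter update runs under a lock (the old check-then-add raced between requests and
 /// hid the resulting exceptions in an empty catch, after which the indexer could still
 /// throw), and the minute key is a culture-invariant UTC timestamp instead of the
 /// culture-dependent "t" format, so the window no longer depends on the request thread's
 /// culture and does not repeat from day to day.
 /// NOTE(review): UserHostAddress is the address of the direct peer; behind a reverse proxy
 /// or load balancer all clients may share one bucket - confirm against the deployment.
 /// </remarks>
 /// <param name="filterContext">Filter context whose <c>Result</c> is set when the limit is exceeded.</param>
 public override void OnActionExecuting(ActionExecutingContext filterContext)
 {
     if (Parameters.Security.RequestLimit <= 0)
     {
         // Limiter disabled.
         return;
     }

     var userHostAddress          = HttpContext.Current?.Request?.UserHostAddress;
     var currentExecutionFilePath = HttpContext.Current?.Request?.CurrentExecutionFilePath;
     var errorUrl = Locations.BadRequest();

     // The error page itself is exempt so the redirect below cannot loop.
     if (userHostAddress == null || currentExecutionFilePath == errorUrl)
     {
         return;
     }

     // One bucket per UTC minute; fixed format so every thread produces the same key.
     var thisMinute = DateTime.UtcNow.ToString(
         "yyyyMMddHHmm", System.Globalization.CultureInfo.InvariantCulture);
     var overLimit = false;

     lock (RequestVolumeGate)
     {
         TwoData<string, int> entry;
         if (Defenses.RequestVolume.ContainsKey(userHostAddress))
         {
             entry = Defenses.RequestVolume[userHostAddress];
         }
         else
         {
             entry = new TwoData<string, int>(thisMinute, 0);
             Defenses.RequestVolume.Add(userHostAddress, entry);
             try
             {
                 // Evict buckets left over from earlier minutes so the table stays bounded
                 // by the number of addresses seen in the current minute.
                 Defenses.RequestVolume.RemoveAll((k, v) => v.Data1 != thisMinute);
             }
             catch (Exception)
             {
                 // Eviction is best-effort, as in the original: a failure here must not
                 // fail the request. NOTE(review): log this once a logger is available.
             }
         }

         if (entry.Data1 == thisMinute)
         {
             entry.Data2++;
             overLimit = entry.Data2 > Parameters.Security.RequestLimit;
         }
         else
         {
             // First request from this address in a new minute: restart the count.
             entry.Data1 = thisMinute;
             entry.Data2 = 1;
         }
     }

     if (overLimit)
     {
         filterContext.Result = new RedirectResult(errorUrl);
         base.OnActionExecuting(filterContext);
     }
 }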