/// <summary>
/// Resolves the anonymous context id for the request, preferring the id carried in the
/// existing cookie when it decrypts cleanly and its browser stamp matches the stamp of
/// the freshly computed id.
/// </summary>
/// <param name="request">Incoming request whose cookies and context are inspected.</param>
/// <param name="config">Supplies the cookie name and the pass phrase used for the cookie value.</param>
/// <param name="encryption">Used to decrypt the cookie value.</param>
/// <returns>The decrypted cookie id when it is accepted; otherwise the freshly computed id.</returns>
private static string GetContextId(HttpRequestBase request, CapttiaSection config, Encryption encryption)
        {
            // Baseline id computed from the current request context; used whenever the cookie is not accepted.
            var resolvedId = AnonymousIdentifier.GetContextId(request.RequestContext.HttpContext);

            var priorCookie = request.Cookies[config.CookieName];
            if (priorCookie == null)
            {
                return resolvedId;
            }

            // The cookie value is supplied by the client and must be treated as untrusted.
            var encryptedId = priorCookie.Value;
            if (string.IsNullOrWhiteSpace(encryptedId))
            {
                return resolvedId;
            }

            try
            {
                var idFromCookie = encryption.Decrypt(encryptedId, config.PassPhraseB);
                var stampFromCookie = AnonymousIdentifier.GetBrowserStampFromId(idFromCookie);
                var stampFromContext = AnonymousIdentifier.GetBrowserStampFromId(resolvedId);

                // Only reuse the cookie's id when it carries the same browser stamp as the current request.
                if (stampFromCookie.Equals(stampFromContext))
                {
                    resolvedId = idFromCookie;
                }
            }
            catch (CryptographicException)
            {
                // Only CryptographicException is handled; whether Decrypt can raise other exception
                // types for malformed input is not visible here, and those would propagate.
                // NOTE(review): this sets Expires on the request-side cookie. In System.Web the browser
                // only sees changes made through the response cookie collection - confirm the caller
                // re-issues or clears the cookie on the response.
                request.Cookies[config.CookieName].Expires = DateTime.Today.AddDays(-1);
            }

            return resolvedId;
        }
示例#2
 /// <summary>
 /// Reads the encrypted form id from the request parameter named after the module and
 /// returns its decrypted value.
 /// </summary>
 /// <param name="config">Supplies the parameter name (ModuleName) and the pass phrase.</param>
 /// <param name="filterContext">Action context whose request parameters are read.</param>
 /// <returns>The decrypted form id, or an empty string when the parameter is missing or blank.</returns>
 private string GetFormId(CapttiaSection config, ActionExecutingContext filterContext)
 {
     // Client-supplied value; it is handed to Decrypt as-is and any exception Decrypt raises propagates.
     var encryptedFormId = filterContext.HttpContext.Request.Params[config.ModuleName];
     if (!string.IsNullOrWhiteSpace(encryptedFormId))
     {
         return _encryption.Decrypt(encryptedFormId, config.PassPhrase);
     }

     return string.Empty;
 }
示例#3
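 /// <summary>
 /// Reads the encrypted id from the configured cookie and returns its decrypted value.
 /// </summary>
 /// <param name="config">Supplies the cookie name and the pass phrase used for the cookie value.</param>
 /// <param name="filterContext">Action context whose request cookies are read.</param>
 /// <returns>
 /// The decrypted cookie id, or an empty string when the cookie is absent or its value is blank.
 /// </returns>
 private string GetCookieId(CapttiaSection config, ActionExecutingContext filterContext)
 {
     // A request without the cookie is the normal case for a first visit or a scripted client;
     // treat it as "no id" instead of dereferencing a null cookie.
     var cookie = filterContext.HttpContext.Request.Cookies[config.CookieName];
     if (cookie == null)
     {
         return string.Empty;
     }

     // Client-supplied value; any exception Decrypt raises for a tampered value propagates to the caller.
     var encryptedCookieId = cookie.Value;
     if (string.IsNullOrWhiteSpace(encryptedCookieId))
     {
         return string.Empty;
     }

     return _encryption.Decrypt(encryptedCookieId, config.PassPhraseB);
 }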
示例#4
        /// <summary>
        /// Decrypts the form id posted under the parameter named by <c>config.ModuleName</c>.
        /// </summary>
        /// <param name="config">Supplies the parameter name and the pass phrase.</param>
        /// <param name="filterContext">Action context whose request parameters are read.</param>
        /// <returns>The decrypted form id; an empty string when nothing usable was posted.</returns>
        private string GetFormId(CapttiaSection config, ActionExecutingContext filterContext)
        {
            var requestParams = filterContext.HttpContext.Request.Params;
            var postedValue = requestParams[config.ModuleName];

            // Untrusted input: decryption failures are not handled here and surface to the caller.
            bool nothingPosted = string.IsNullOrWhiteSpace(postedValue);
            if (nothingPosted)
            {
                return string.Empty;
            }

            return _encryption.Decrypt(postedValue, config.PassPhrase);
        }
示例#5
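        /// <summary>
        /// Decrypts the id stored in the cookie named by <c>config.CookieName</c>.
        /// </summary>
        /// <param name="config">Supplies the cookie name and the pass phrase used for the cookie value.</param>
        /// <param name="filterContext">Action context whose request cookies are read.</param>
        /// <returns>
        /// The decrypted cookie id; an empty string when the cookie is missing or carries a blank value.
        /// </returns>
        private string GetCookieId(CapttiaSection config, ActionExecutingContext filterContext)
        {
            var requestCookie = filterContext.HttpContext.Request.Cookies[config.CookieName];

            // The cookie may legitimately be absent (first visit, cookies disabled, scripted client).
            // Report that as "no id" rather than failing on a null reference.
            var cookieId = requestCookie == null ? null : requestCookie.Value;
            if (string.IsNullOrWhiteSpace(cookieId))
            {
                return string.Empty;
            }

            // Untrusted input: decryption failures are not handled here and surface to the caller.
            return _encryption.Decrypt(cookieId, config.PassPhraseB);
        }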
示例#6
        /// <summary>
        /// Decides whether the request passes the honeypot check and the token check.
        /// </summary>
        /// <param name="config">Supplies the module name from which the honeypot field name is built.</param>
        /// <param name="filterContext">Action context for the request being validated.</param>
        /// <returns>
        /// <c>true</c> only when the honeypot field is blank and <c>IsValidToken</c> accepts the request;
        /// <c>false</c> otherwise, including when any exception is raised.
        /// </returns>
        private bool IsValidRequest(CapttiaSection config, ActionExecutingContext filterContext)
        {
            try
            {
                // The honeypot field is the module name with a "Value" suffix; any non-blank content rejects.
                var honeyPotField = config.ModuleName + "Value";
                var honeyPotContent = filterContext.HttpContext.Request.Params[honeyPotField];

                return string.IsNullOrWhiteSpace(honeyPotContent)
                    && IsValidToken(config, filterContext);
            }
            catch (Exception)
            {
                // Fails closed: every exception is treated as an invalid request. Nothing is logged
                // here, so an internal fault is indistinguishable from a rejected request.
                return false;
            }
        }
示例#7
        /// <summary>
        /// Validates a request: the honeypot field must be blank and the token must check out.
        /// </summary>
        /// <param name="config">Supplies the module name from which the honeypot field name is built.</param>
        /// <param name="filterContext">Action context for the request being validated.</param>
        /// <returns><c>true</c> when both checks pass; <c>false</c> on any failure or exception.</returns>
        private bool IsValidRequest(CapttiaSection config, ActionExecutingContext filterContext)
        {
            bool accepted;

            try
            {
                var trapValue = filterContext.HttpContext.Request.Params[config.ModuleName + "Value"];

                // A filled-in honeypot rejects immediately; the token is only checked when it is blank.
                if (string.IsNullOrWhiteSpace(trapValue))
                {
                    accepted = IsValidToken(config, filterContext);
                }
                else
                {
                    accepted = false;
                }
            }
            catch (Exception)
            {
                // Fails closed on any exception; the cause is not recorded here.
                accepted = false;
            }

            return accepted;
        }
示例#8
        /// <summary>
        /// Checks that the id carried in the cookie and the id posted with the form agree, and that
        /// the browser stamp inside the cookie id matches the browser id of the current request.
        /// </summary>
        /// <param name="config">Configuration passed through to the cookie and form id readers.</param>
        /// <param name="filterContext">Action context for the request being validated.</param>
        /// <returns>
        /// <c>true</c> when both ids are non-blank, are equal, and the cookie's browser stamp equals
        /// the request's browser id; otherwise <c>false</c>.
        /// </returns>
        private bool IsValidToken(CapttiaSection config, ActionExecutingContext filterContext)
        {
            // All three values are fetched up front, before any of them is inspected.
            string cookieToken = GetCookieId(config, filterContext);
            string formToken = GetFormId(config, filterContext);
            string requestBrowserId = GetBrowserId(filterContext);

            if (string.IsNullOrWhiteSpace(cookieToken) || string.IsNullOrWhiteSpace(formToken))
            {
                return false;
            }

            var cookieBrowserStamp = AnonymousIdentifier.GetBrowserStampFromId(cookieToken);
            // The stamp of the form id is extracted but does not take part in the decision below.
            var formBrowserStamp = AnonymousIdentifier.GetBrowserStampFromId(formToken);

            bool browserMatches = (requestBrowserId == cookieBrowserStamp);
            bool cookieMatchesForm = cookieToken == formToken;

            return cookieMatchesForm && browserMatches;
        }
示例#9
        /// <summary>
        /// Validates the token pair: the decrypted cookie id must equal the decrypted form id, and
        /// the browser stamp taken from the cookie id must equal the current request's browser id.
        /// </summary>
        /// <param name="config">Configuration passed through to the cookie and form id readers.</param>
        /// <param name="filterContext">Action context for the request being validated.</param>
        /// <returns><c>true</c> when every check passes; <c>false</c> when either id is blank or a check fails.</returns>
        private bool IsValidToken(CapttiaSection config, ActionExecutingContext filterContext)
        {
            string idFromCookie = GetCookieId(config, filterContext);
            string idFromForm = GetFormId(config, filterContext);
            string browserIdOfRequest = GetBrowserId(filterContext);

            bool bothPresent = !(string.IsNullOrWhiteSpace(idFromCookie) || string.IsNullOrWhiteSpace(idFromForm));
            if (bothPresent)
            {
                var stampInCookie = AnonymousIdentifier.GetBrowserStampFromId(idFromCookie);
                // Extracted as well, although the result is not consulted when deciding.
                var stampInForm = AnonymousIdentifier.GetBrowserStampFromId(idFromForm);

                bool sameId = idFromCookie == idFromForm;
                bool sameBrowser = (browserIdOfRequest == stampInCookie);

                // Both conditions are required: matching ids alone are not enough.
                return sameId && sameBrowser;
            }

            return false;
        }