source: binary-improvements2/WebServer/src/UrlHandlers/SessionHandler.cs@ 394

Last change on this file since 394 was 394, checked in by alloc, 2 years ago

SessionHandler cleanup + redirect to /app/error/:code
Some profiler usage cleanup
File size: 2.9 KB
Line 
1using System;
2using System.Net;
3
4namespace Webserver.UrlHandlers {
5 public class SessionHandler : AbsHandler {
6 private const string pageBasePath = "/app";
7 private const string pageErrorPath = "/app/error/";
8 private const string steamOpenIdVerifyUrl = "verifysteamopenid";
9 private const string steamLoginUrl = "loginsteam";
10
11 private readonly ConnectionHandler connectionHandler;
12
13 public SessionHandler (ConnectionHandler _connectionHandler) : base (null) {
14 connectionHandler = _connectionHandler;
15 }
16
17 public override void HandleRequest (RequestContext _context) {
18 if (_context.Request.RemoteEndPoint == null) {
19 _context.Response.Redirect (pageErrorPath + "NoRemoteEndpoint");
20 return;
21 }
22
23 string subpath = _context.RequestPath.Remove (0, urlBasePath.Length);
24
25 if (subpath.StartsWith (steamOpenIdVerifyUrl)) {
26 HandleSteamVerification (_context);
27 return;
28 }
29
30 if (subpath.StartsWith ("logout")) {
31 HandleLogout (_context);
32 return;
33 }
34
35 if (subpath.StartsWith (steamLoginUrl)) {
36 HandleSteamLogin (_context);
37 return;
38 }
39
40 _context.Response.Redirect (pageErrorPath + "InvalidSessionsCommand");
41 }
42
43 private void HandleSteamLogin (RequestContext _context) {
44 string host = (WebUtils.IsSslRedirected (_context.Request) ? "https://" : "http://") + _context.Request.UserHostName;
45 string url = OpenID.GetOpenIdLoginUrl (host, host + urlBasePath + steamOpenIdVerifyUrl);
46 _context.Response.Redirect (url);
47 }
48
49 private void HandleLogout (RequestContext _context) {
50 Cookie cookie = new Cookie ("sid", "", "/") {
51 Expired = true
52 };
53 _context.Response.AppendCookie (cookie);
54
55 if (_context.Connection == null) {
56 _context.Response.Redirect (pageErrorPath + "NotLoggedIn");
57 return;
58 }
59
60 connectionHandler.LogOut (_context.Connection.SessionID);
61 _context.Response.Redirect (pageBasePath);
62 }
63
64 private void HandleSteamVerification (RequestContext _context) {
65 string remoteEndpointString = _context.Request.RemoteEndPoint!.ToString ();
66
67 try {
68 ulong id = OpenID.Validate (_context.Request);
69 if (id > 0) {
70 WebConnection con = connectionHandler.LogIn (id, _context.Request.RemoteEndPoint.Address);
71 int level = GameManager.Instance.adminTools.GetUserPermissionLevel (con.UserId);
72 Log.Out ("Steam OpenID login from {0} with ID {1}, permission level {2}",
73 remoteEndpointString, con.UserId, level);
74
75 Cookie cookie = new Cookie ("sid", con.SessionID, "/") {
76 Expired = false,
77 Expires = DateTime.MinValue,
78 HttpOnly = true,
79 Secure = false
80 };
81 _context.Response.AppendCookie (cookie);
82 _context.Response.Redirect (pageBasePath);
83
84 return;
85 }
86 } catch (Exception e) {
87 Log.Error ("Error validating login:");
88 Log.Exception (e);
89 }
90
91 Log.Out ($"Steam OpenID login failed from {remoteEndpointString}");
92 _context.Response.Redirect (pageErrorPath + "SteamLoginFailed");
93 }
94
95 }
96}
Note: See TracBrowser for help on using the repository browser.