Changeset 382 for binary-improvements2/MapRendering/Web/Handlers/SessionHandler.cs

Timestamp:

Aug 1, 2022, 12:54:31 PM (2 years ago)

Author:

alloc

Message:

Switched to use SpaceWizards.HttpListener

File:

• binary-improvements2/MapRendering/Web/Handlers/SessionHandler.cs (modified) (2 diffs)

binary-improvements2/MapRendering/Web/Handlers/SessionHandler.cs

@@ +1 @@
+using System;
 using System.IO;
 using System.Net;
 using System.Text;
+using HttpListenerRequest = SpaceWizards.HttpListener.HttpListenerRequest;
+using HttpListenerResponse = SpaceWizards.HttpListener.HttpListenerResponse;
 
 namespace AllocsFixes.NetConnections.Servers.Web.Handlers {
-        public class SessionHandler : PathHandler {
+        public class SessionHandler : AbsHandler {
+                private const string pageBasePath = "/";
+                private const string steamOpenIdVerifyUrl = "verifysteamopenid";
+                private const string steamLoginUrl = "loginsteam";
+                
                 private readonly string footer = "";
                 private readonly string header = "";
 
-                public SessionHandler (string _dataFolder, string _moduleName = null) : base (_moduleName) {
+                private readonly ConnectionHandler connectionHandler;
+
+                public SessionHandler (string _dataFolder, ConnectionHandler _connectionHandler) : base (null) {
+                        connectionHandler = _connectionHandler;
+                        
                         if (File.Exists (_dataFolder + "/sessionheader.tmpl")) {
                                 header = File.ReadAllText (_dataFolder + "/sessionheader.tmpl");
@@ -18 +29 @@
                 }
 
-                public override void HandleRequest (HttpListenerRequest _req, HttpListenerResponse _resp, WebConnection _user,
+                public override void HandleRequest (string _requestPath, HttpListenerRequest _req, HttpListenerResponse _resp, WebConnection _con,
                         int _permissionLevel) {
-                        string subpath = _req.Url.AbsolutePath.Remove (0, urlBasePath.Length);
+                        
+                        IPEndPoint reqRemoteEndPoint = _req.RemoteEndPoint;
+                        if (reqRemoteEndPoint == null) {
+                                _resp.Redirect (pageBasePath);
+                                return;
+                        }
+
+                        string subpath = _requestPath.Remove (0, urlBasePath.Length);
 
                         StringBuilder result = new StringBuilder ();
                         result.Append (header);
 
-                        if (subpath.StartsWith ("verify")) {
-                                if (_user != null) {
-                                        _resp.Redirect ("/static/index.html");
+                        if (subpath.StartsWith (steamOpenIdVerifyUrl)) {
+                                string remoteEndpointString = reqRemoteEndPoint.ToString ();
+
+                                try {
+                                        ulong id = OpenID.Validate (_req);
+                                        if (id > 0) {
+                                                WebConnection con = connectionHandler.LogIn (id, reqRemoteEndPoint.Address);
+                                                int level = GameManager.Instance.adminTools.GetUserPermissionLevel (con.UserId);
+                                                Log.Out ("Steam OpenID login from {0} with ID {1}, permission level {2}",
+                                                        remoteEndpointString, con.UserId, level);
+                                                
+                                                Cookie cookie = new Cookie ("sid", con.SessionID, "/") {
+                                                        Expired = false,
+                                                        Expires = DateTime.MinValue,
+                                                        HttpOnly = true,
+                                                        Secure = false
+                                                };
+                                                _resp.AppendCookie (cookie);
+                                                _resp.Redirect (pageBasePath);
+
+                                                return;
+                                        }
+                                } catch (Exception e) {
+                                        Log.Error ("Error validating login:");
+                                        Log.Exception (e);
+                                }
+
+                                Log.Out ($"Steam OpenID login failed from {remoteEndpointString}");
+                                result.Append ($"<h1>Login failed, <a href=\"{pageBasePath}\">click to return to main page</a>.</h1>");
+                        } else if (subpath.StartsWith ("logout")) {
+                                if (_con != null) {
+                                        connectionHandler.LogOut (_con.SessionID);
+                                        Cookie cookie = new Cookie ("sid", "", "/") {
+                                                Expired = true
+                                        };
+                                        _resp.AppendCookie (cookie);
+                                        _resp.Redirect (pageBasePath);
                                         return;
                                 }
 
-                                result.Append (
-                                        "<h1>Login failed, <a href=\"/static/index.html\">click to return to main page</a>.</h1>");
-                        } else if (subpath.StartsWith ("logout")) {
-                                if (_user != null) {
-                                        parent.connectionHandler.LogOut (_user.SessionID);
-                                        Cookie cookie = new Cookie ("sid", "", "/");
-                                        cookie.Expired = true;
-                                        _resp.AppendCookie (cookie);
-                                        _resp.Redirect ("/static/index.html");
-                                        return;
-                                }
-
-                                result.Append (
-                                        "<h1>Not logged in, <a href=\"/static/index.html\">click to return to main page</a>.</h1>");
-                        } else if (subpath.StartsWith ("login")) {
+                                result.Append ($"<h1>Not logged in, <a href=\"{pageBasePath}\">click to return to main page</a>.</h1>");
+                        } else if (subpath.StartsWith (steamLoginUrl)) {
                                 string host = (Web.IsSslRedirected (_req) ? "https://" : "http://") + _req.UserHostName;
-                                string url = OpenID.GetOpenIdLoginUrl (host, host + "/session/verify");
+                                string url = OpenID.GetOpenIdLoginUrl (host, host + urlBasePath + steamOpenIdVerifyUrl);
                                 _resp.Redirect (url);
                                 return;
                         } else {
-                                result.Append (
-                                        "<h1>Unknown command, <a href=\"/static/index.html\">click to return to main page</a>.</h1>");
+                                result.Append ($"<h1>Unknown command, <a href=\"{pageBasePath}\">click to return to main page</a>.</h1>");
                         }