Webiant Logo Webiant Logo
  1. No results found.

    Try your search with a different keyword or use * as a wildcard.

ValidateIpAddressAttribute.cs

using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc.Filters;
using Nop.Core;
using Nop.Core.Domain.Security;
using Nop.Data;

namespace Nop.Web.Framework.Mvc.Filters;

/// 
/// Represents filter attribute that validates IP address
/// 
public sealed class ValidateIpAddressAttribute : TypeFilterAttribute
{
    #region Ctor

    /// 
    /// Create instance of the filter attribute
    /// 
    public ValidateIpAddressAttribute() : base(typeof(ValidateIpAddressFilter))
    {
    }

    #endregion

    #region Nested filter

    /// 
    /// Represents a filter that validates IP address
    /// 
    private class ValidateIpAddressFilter : IAsyncActionFilter
    {
        #region Fields

        protected readonly IWebHelper _webHelper;
        protected readonly SecuritySettings _securitySettings;

        #endregion

        #region Ctor

        public ValidateIpAddressFilter(IWebHelper webHelper,
            SecuritySettings securitySettings)
        {
            _webHelper = webHelper;
            _securitySettings = securitySettings;
        }

        #endregion

        #region Utilities

        /// 
        /// Called asynchronously before the action, after model binding is complete.
        /// 
        /// A context for action filters
        private void ValidateIpAddress(ActionExecutingContext context)
        {
            ArgumentNullException.ThrowIfNull(context);

            if (context.HttpContext.Request == null)
                return;

            if (!DataSettingsManager.IsDatabaseInstalled())
                return;

            //get action and controller names
            var actionDescriptor = context.ActionDescriptor as ControllerActionDescriptor;
            var actionName = actionDescriptor?.ActionName;
            var controllerName = actionDescriptor?.ControllerName;

            if (string.IsNullOrEmpty(actionName) || string.IsNullOrEmpty(controllerName))
                return;

            //don't validate on the 'Access denied' page
            if (controllerName.Equals("Security", StringComparison.InvariantCultureIgnoreCase) &&
                actionName.Equals("AccessDenied", StringComparison.InvariantCultureIgnoreCase))
            {
                return;
            }

            //get allowed IP addresses
            var ipAddresses = _securitySettings.AdminAreaAllowedIpAddresses;

            //there are no restrictions
            if (ipAddresses == null || !ipAddresses.Any())
                return;

            //whether current IP is allowed
            var currentIp = _webHelper.GetCurrentIpAddress();

            if (ipAddresses.Any(ip => ip.Equals(currentIp, StringComparison.InvariantCultureIgnoreCase)))
                return;

            //redirect to 'Access denied' page
            context.Result = new RedirectToActionResult("AccessDenied", "Security", context.RouteData.Values);
        }

        #endregion

        #region Methods

        /// 
        /// Called asynchronously before the action, after model binding is complete.
        /// 
        /// A context for action filters
        /// A delegate invoked to execute the next action filter or the action itself
        /// A task that represents the asynchronous operation
        public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
        {
            ValidateIpAddress(context);
            if (context.Result == null)
                await next();
        }

        #endregion
    }

    #endregion
}