Created IAbpAntiForgeryManager

7 years ago · 360be9724a
parent c62474dc13
commit 360be9724a
6 changed files with 97 additions and 2 deletions
--- a/src/Volo.Abp.AspNetCore.Mvc.UI.Bootstrap/TagHelpers/Button/AbpButtonTagHelperService.cs
+++ b/src/Volo.Abp.AspNetCore.Mvc.UI.Bootstrap/TagHelpers/Button/AbpButtonTagHelperService.cs
@ -1,4 +1,5 @@
-using Microsoft.AspNetCore.Razor.TagHelpers;
+using System;
+using Microsoft.AspNetCore.Razor.TagHelpers;
 using Volo.Abp.AspNetCore.Mvc.UI.Bootstrap.Microsoft.AspNetCore.Razor.TagHelpers;

 namespace Volo.Abp.AspNetCore.Mvc.UI.Bootstrap.TagHelpers.Button
@ -15,6 +16,12 @@ namespace Volo.Abp.AspNetCore.Mvc.UI.Bootstrap.TagHelpers.Button
            {
                output.Attributes.AddClass("btn-" + TagHelper.ButtonType.ToString().ToLowerInvariant());
            }
+
+            if (string.Equals(output.Attributes["type"]?.Value.ToString(), "submit", StringComparison.OrdinalIgnoreCase) &&
+                !output.Attributes.ContainsName("data-busy-text"))
+            {
+                output.Attributes.SetAttribute("data-busy-text", "Processing...");
+            }
        }
    }
 }
--- a/src/Volo.Abp.AspNetCore.Mvc.UI.Theme.Basic/Views/Shared/_AppLayout.cshtml
+++ b/src/Volo.Abp.AspNetCore.Mvc.UI.Theme.Basic/Views/Shared/_AppLayout.cshtml
@ -1,6 +1,9 @@
-@using Volo.Abp.UI.Navigation
+@using Volo.Abp.AspNetCore.Mvc.AntiForgery
+@using Volo.Abp.UI.Navigation
+@inject IAbpAntiForgeryManager AbpAntiForgeryManager
@{
    Layout = null;
+    AbpAntiForgeryManager.SetCookie();
 }

 <!DOCTYPE html>
--- a/src/Volo.Abp.AspNetCore.Mvc/Volo/Abp/AspNetCore/Mvc/AntiForgery/AbpAntiForgeryManagerAspNetCoreExtensions.cs
+++ b/src/Volo.Abp.AspNetCore.Mvc/Volo/Abp/AspNetCore/Mvc/AntiForgery/AbpAntiForgeryManagerAspNetCoreExtensions.cs
@ -0,0 +1,10 @@
+namespace Volo.Abp.AspNetCore.Mvc.AntiForgery
+{
+    public static class AbpAntiForgeryManagerAspNetCoreExtensions
+    {
+        public static void SetCookie(this IAbpAntiForgeryManager manager)
+        {
+            manager.HttpContext.Response.Cookies.Append(manager.Options.TokenCookieName, manager.GenerateToken());
+        }
+    }
+}
--- a/src/Volo.Abp.AspNetCore.Mvc/Volo/Abp/AspNetCore/Mvc/AntiForgery/AbpAntiForgeryOptions.cs
+++ b/src/Volo.Abp.AspNetCore.Mvc/Volo/Abp/AspNetCore/Mvc/AntiForgery/AbpAntiForgeryOptions.cs
@ -0,0 +1,23 @@
+namespace Volo.Abp.AspNetCore.Mvc.AntiForgery
+{
+    public class AbpAntiForgeryOptions
+    {
+        /// <summary>
+        /// Get/sets cookie name to transfer Anti Forgery token between server and client.
+        /// Default value: "XSRF-TOKEN".
+        /// </summary>
+        public string TokenCookieName { get; set; }
+
+        /// <summary>
+        /// Get/sets header name to transfer Anti Forgery token from client to the server.
+        /// Default value: "X-XSRF-TOKEN". 
+        /// </summary>
+        public string TokenHeaderName { get; set; }
+
+        public AbpAntiForgeryOptions()
+        {
+            TokenCookieName = "XSRF-TOKEN";
+            TokenHeaderName = "X-XSRF-TOKEN";
+        }
+    }
+}
--- a/src/Volo.Abp.AspNetCore.Mvc/Volo/Abp/AspNetCore/Mvc/AntiForgery/AspNetCoreAbpAntiForgeryManager.cs
+++ b/src/Volo.Abp.AspNetCore.Mvc/Volo/Abp/AspNetCore/Mvc/AntiForgery/AspNetCoreAbpAntiForgeryManager.cs
@ -0,0 +1,37 @@
+using Microsoft.AspNetCore.Antiforgery;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Options;
+using Volo.Abp.DependencyInjection;
+
+namespace Volo.Abp.AspNetCore.Mvc.AntiForgery
+{
+    public class AspNetCoreAbpAntiForgeryManager : IAbpAntiForgeryManager, ITransientDependency
+    {
+        public AbpAntiForgeryOptions Options { get; }
+
+        public HttpContext HttpContext => _httpContextAccessor.HttpContext;
+
+        private readonly IAntiforgery _antiforgery;
+        private readonly IHttpContextAccessor _httpContextAccessor;
+
+        public AspNetCoreAbpAntiForgeryManager(
+            IAntiforgery antiforgery,
+            IHttpContextAccessor httpContextAccessor,
+            IOptions<AbpAntiForgeryOptions> options)
+        {
+            _antiforgery = antiforgery;
+            _httpContextAccessor = httpContextAccessor;
+            Options = options.Value;
+        }
+
+        public void SetCookie()
+        {
+            HttpContext.Response.Cookies.Append(Options.TokenCookieName, GenerateToken());
+        }
+
+        public string GenerateToken()
+        {
+            return _antiforgery.GetAndStoreTokens(_httpContextAccessor.HttpContext).RequestToken;
+        }
+    }
+}
--- a/src/Volo.Abp.AspNetCore.Mvc/Volo/Abp/AspNetCore/Mvc/AntiForgery/IAbpAntiForgeryManager.cs
+++ b/src/Volo.Abp.AspNetCore.Mvc/Volo/Abp/AspNetCore/Mvc/AntiForgery/IAbpAntiForgeryManager.cs
@ -0,0 +1,15 @@
+using Microsoft.AspNetCore.Http;
+
+namespace Volo.Abp.AspNetCore.Mvc.AntiForgery
+{
+    public interface IAbpAntiForgeryManager
+    {
+        AbpAntiForgeryOptions Options { get; }
+
+        HttpContext HttpContext { get; }
+
+        void SetCookie();
+
+        string GenerateToken();
+    }
+}