Nancy之從403到錯誤處理

上篇博客，當沒有權限的用戶訪問一些資源時，返回的是403錯誤，403對于用戶來說是一個莫名其妙的數字，我們當然要處理成友好的提示。

關于錯誤處理，翻看了一下Nancy的源碼，是這樣處理的，見下面地址：

https://github.com/NancyFx/Nancy/blob/master/src/Nancy/ErrorHandling/DefaultStatusCodeHandler.cs

其實Nancy是允許我們采用相同的辦法處理，現在把DefaultStatusCodeHandler.cs的源碼復制下來，改成我們自己的CustomStatusCode.cs如下，關于詳細說明，參考Nancy源碼DefaultStatusCodeHandler.cs。

using Nancy;
using Nancy.ErrorHandling;
using Nancy.ViewEngines;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
using Nancy.Responses.Negotiation;
using Nancy.Extensions;
using Nancy.IO;
 
namespace NancySelfHostWeb
{
    public class CustomStatusCode: IStatusCodeHandler
    {
        
        private const string DisableErrorTracesTrueMessage = "Error details are currently disabled. Please set <code>StaticConfiguration.DisableErrorTraces = false;</code> to enable.";
 
        private readonly IDictionary<HttpStatusCode, string> errorMessages;
        private readonly IDictionary<HttpStatusCode, string> errorPages;
        private readonly IResponseNegotiator responseNegotiator;
        private readonly HttpStatusCode[] supportedStatusCodes = { HttpStatusCode.Forbidden, HttpStatusCode.NotFound};
 
        public CustomStatusCode(IResponseNegotiator responseNegotiator)
        {
            this.errorMessages = new Dictionary<HttpStatusCode, string>
            {
                { HttpStatusCode.Forbidden, "查看是否有授權！" },
                { HttpStatusCode.NotFound, "找不到你要的資源！" }
 
            };
            this.errorPages = new Dictionary<HttpStatusCode, string>
            {
                { HttpStatusCode.Forbidden, LoadResource("NancySelfHostWeb.403.html") },
                { HttpStatusCode.NotFound, LoadResource("NancySelfHostWeb.404.html") }
 
            };
            this.responseNegotiator = responseNegotiator;
        }
        
        public bool HandlesStatusCode(HttpStatusCode statusCode, NancyContext context)
        {
            return this.supportedStatusCodes.Any(s => s == statusCode);
        }
 
        public void Handle(HttpStatusCode statusCode, NancyContext context)
        {
            if (context.Response != null && context.Response.Contents != null && !ReferenceEquals(context.Response.Contents, Response.NoBody))
            {
                return;
            }
            if (!this.errorMessages.ContainsKey(statusCode) || !this.errorPages.ContainsKey(statusCode))
            {
                return;
            }
            Response existingResponse = null;
            if (context.Response != null)
            {
                existingResponse = context.Response;
            }
            context.NegotiationContext = new NegotiationContext();
            var result = new DefaultStatusCodeHandlerResult(statusCode, this.errorMessages[statusCode], StaticConfiguration.DisableErrorTraces ? DisableErrorTracesTrueMessage : context.GetExceptionDetails());
            try
            {
                context.Response = this.responseNegotiator.NegotiateResponse(result, context);
                context.Response.StatusCode = statusCode;
 
 
                if (existingResponse != null)
                {
                    context.Response.ReasonPhrase = existingResponse.ReasonPhrase;
                }
                return;
            }
            catch (ViewNotFoundException)
            {
            }
            this.ModifyResponse(statusCode, context, result);
        }
 
 
        private void ModifyResponse(HttpStatusCode statusCode, NancyContext context, DefaultStatusCodeHandlerResult result)
        {
            if (context.Response == null)
            {
                context.Response = new Response { StatusCode = statusCode };
            }
            var contents = this.errorPages[statusCode];
            if (!string.IsNullOrEmpty(contents))
            {
                contents = contents.Replace("[DETAILS]", result.Details);
            }
            context.Response.ContentType = "text/html";
            context.Response.Contents = s =>
            {
                using (var writer = new StreamWriter(new UnclosableStreamWrapper(s), Encoding.UTF8))
                {
                    writer.Write(contents);
                }
            };
        }
        private static string LoadResource(string filename)
        {
 
            // 獲取當前資源文件
            var resourceStream = typeof(CustomStatusCode).Assembly.GetManifestResourceStream(string.Format("{0}", filename));
            if (resourceStream == null)
            {
                return string.Empty;
            }
            using (var reader = new StreamReader(resourceStream))
            {
                return reader.ReadToEnd();
            }
        }
        internal class DefaultStatusCodeHandlerResult
        {
            public DefaultStatusCodeHandlerResult(HttpStatusCode statusCode, string message, string details)
            {
                this.StatusCode = statusCode;
                this.Message = message;
                this.Details = details;
            }
            public HttpStatusCode StatusCode { get; private set; }
            public string Message { get; private set; }
            public string Details { get; private set; }
        }
    }
}

這樣還可以把Nancy內置的500，404錯誤改成我們自定義的顯示。

有時覺得這樣太麻煩，可以自大在Module中去判斷登錄用戶是否具有角色，代碼如下

using Nancy;
using Nancy.Security;
using System.Linq;

namespace TestSelfHostWeb.Modules
{
    public class IndexModule : NancyModule
    {
        public IndexModule()
        {
            //開啟全局驗證
            this.RequiresAuthentication();
            Get["/"] = parameters =>
            {
                //開啟角色驗證，只有該角色可以訪問本路由
                //this.RequiresClaims("admin");

                //自己判斷登錄角色具有權限
                if (!this.Context.CurrentUser.Claims.Contains("admin"))
                {
                    return View["error"];//定義一個錯誤頁面error.cshtml即可
                }

                return View["index"];
            };
        }
    }
}