public BaseController(
IConfigurationRoot config,
DbContextOptionsWrapper dbOptns,
InjectorObjectHolder injHolder)
{
_config = config;
_injHolder = injHolder;
if (dbOptns != null)
{
dbOptns.GetConnectionString = this.GetConnectionString;
_dbi = new AppDbInteractor(new AppDbContext(dbOptns), GetAccessTokenValue);
}
if (_injHolder != null && _dbi != null)
{
object temp = _injHolder.GetObject("ConnToken");
temp = Helper.JSonCamelDeserializeObject <LoginConnectionToken>(temp);
if (temp != null)
{
_dbi.ConnToken = (LoginConnectionToken)temp;
temp = null;
}
}
}
internal static bool HasAccess(ClaimsPrincipal claimsPrincipal, AppDbInteractor dbi)
{
if (claimsPrincipal != null && dbi != null)
{
Exception ex1 = null;
bool accessTokenValid = false;
try
{
try
{
dbi.VerifyConnectionToken();
accessTokenValid = true;
}
catch (Exception ex)
{
ex1 = ex;
}
if (!accessTokenValid)
{
return(dbi.GetRefreshToken(tokenValue: claimsPrincipal.FindFirst(BaseController.REFRESH_TOKEN_KEY)?.Value) != null);
}
return(true);
}
catch (Exception ex)
{
ex1 = ex;
}
finally
{
ex1 = null;
}
}
return(false);
}
protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, AccessRequirement requirement)
{
if (context?.User != null && requirement != null)
{
AuthorizationFilterContext authFilterContext = null;
ClaimsIdentity claimsIdentity = null;
string rTokenValue = null, userFullName = null, accessTokenValue = null;
bool isInvalidPassword = false;
Dictionary <string, string> menusReq = null;
try
{
authFilterContext = context.Resource as AuthorizationFilterContext;
if (authFilterContext?.HttpContext != null)
{
using (var dbi = new AppDbInteractor(
new AppDbContext(_dbOptnsWrapper),
() =>
{
string aToken = context?.User?.FindFirst(BaseController.ACCESS_TOKEN_KEY)?.Value;
return(aToken);
}))
{
bool accessTokenGood = true;
try
{
dbi.VerifyConnectionToken();
}
catch (ExceptionID)
{
accessTokenGood = false;
}
catch (Exception ex)
{
throw ex;
}
isInvalidPassword = context.User.FindFirst(BaseController.PASSWORD_FORMAT_INVALID)?.Value?.ToLower() == "true";
if (!accessTokenGood)
{
rTokenValue = context.User.FindFirst(BaseController.REFRESH_TOKEN_KEY)?.Value;
userFullName = context.User.FindFirst(BaseController.USER_FULL_NAME)?.Value;
bool rememberUser = context.User.FindFirst(BaseController.REMEMBER_USER)?.Value?.ToLower() == "true";
accessTokenValue = dbi.RegenAccessTokenValue(rTokenValue, isInvalidPassword);
claimsIdentity = new ClaimsIdentity(BaseController.APP_ID);
claimsIdentity.AddClaims(context.User.Claims.Where(l => l.Type != BaseController.ACCESS_TOKEN_KEY));
claimsIdentity.AddClaim(new Claim(BaseController.ACCESS_TOKEN_KEY, accessTokenValue));
if (BaseController.GetRememberUser(context.User))
{
await authFilterContext.HttpContext.Authentication.SignInAsync(
BaseController.APP_ID,
new ClaimsPrincipal(claimsIdentity),
new AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = BaseController.GetClaimExpDate(context.User)
});
}
else
{
await authFilterContext.HttpContext.Authentication.SignInAsync(BaseController.APP_ID, new ClaimsPrincipal(claimsIdentity));
}
}
if (isInvalidPassword && !requirement.AllowInvalidPasswordFormat)
{
throw new ExceptionAccess(HttpStatusCode.PartialContent);
}
menusReq = authFilterContext.Filters?.OfType <MenuRequirementAttribute>()?.FirstOrDefault()?.GetSlugAndPaths();
if (menusReq != null && menusReq.Count > 0)
{
bool hasMenuAccess = true;
await Task.WhenAll(
menusReq.Select(mnu => Helper.GetFunc(() =>
{
if (hasMenuAccess)
{
bool temp = dbi.AccountHasMenuAccess(mnu.Key, mnu.Value);
lock (menusReq)
{
hasMenuAccess = hasMenuAccess ? temp : false;
}
}
return(Task.CompletedTask);
})()));
if (!hasMenuAccess)
{
throw new ExceptionAccess(HttpStatusCode.Forbidden);
}
}
_injHolder.AddObject("ConnToken", Helper.JSonCamelSerializeObject(dbi.ConnToken));
}
}
context.Succeed(requirement);
}
catch (ExceptionAccess ex)
{
throw ex;
}
catch (ExceptionID ex)
{
throw new ExceptionAccess(HttpStatusCode.Unauthorized, ex);
}
catch (Exception ex)
{
throw new ExceptionAccess(HttpStatusCode.InternalServerError, ex);
}
finally
{
authFilterContext = null;
menusReq?.Clear();
menusReq = null;
}
}
}
internal static bool HasAccess(Controller controller, AppDbInteractor dbi)
{
return(HasAccess(controller?.User, dbi));
}
