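/// <summary>
/// Authenticates a staff member by e-mail and password, signs the resulting principal in and
/// caches the account's role for the authorization pipeline.
/// </summary>
/// <param name="request">Login command carrying the submitted e-mail and password.</param>
/// <param name="cancellationToken">Not observed by this handler.</param>
/// <returns>
/// <c>true</c> when the account exists, the password matches and sign-in completed;
/// <c>false</c> for an unknown e-mail or a non-matching password.
/// </returns>
public async Task<bool> Handle(LoginCommand request, CancellationToken cancellationToken)
{
    var staffAccount = _staffRepo.GetByEmail(request.Email);
    if (staffAccount is null)
    {
        // NOTE(review): returning before ValidatePassword runs makes the unknown-e-mail path
        // faster than the wrong-password path; if account enumeration matters, validate against
        // a dummy salt/hash here so both failure paths cost the same.
        return false;
    }

    var isMatching = _passwordHelper.ValidatePassword(
        request.Password,
        staffAccount.PasswordSalt,
        staffAccount.PasswordHash);
    if (!isMatching)
    {
        return false;
    }

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, staffAccount.Name),
        new Claim(ClaimTypes.NameIdentifier, staffAccount.Id.ToString()),
        new Claim(ClaimTypes.Role, staffAccount.Role.ToString()),
    };
    var userIdentity = new ClaimsIdentity(claims, "Basic");
    var userPrincipal = new ClaimsPrincipal(userIdentity);

    // Second argument is presumably "isPersistent" (no remember-me cookie) — confirm against the sign-in manager's signature.
    await _signInManager.SignInAsync(userPrincipal, false);

    // Cache under the numeric id with the Role value itself: the authorization behaviour reads the
    // entry with _cache.TryGetValue(id, out Role ...), so the previous string key / string value
    // pair was never found there and every authorized request fell back to the repository.
    // Assumes staffAccount.Id is the same type _currentUser.GetId() returns — confirm.
    _cache.Set(staffAccount.Id, staffAccount.Role, CacheHelper.CacheOptions());
    return true;
}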
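/// <summary>
/// Pipeline behaviour that gates requests decorated with <c>[Authorize]</c>: the caller must be
/// authenticated, must map to a known staff account, and that account's role must be at least
/// the attribute's <c>Role</c>. Undecorated requests pass straight through.
/// </summary>
/// <param name="request">The incoming request; its runtime type is inspected for the attribute.</param>
/// <param name="cancellationToken">Not observed by this behaviour.</param>
/// <param name="next">Continuation to the next behaviour / handler.</param>
/// <returns>The result of <paramref name="next"/>.</returns>
/// <exception cref="AuthenticationException">
/// The current user is not authenticated, has a non-positive id, or no staff account matches that id.
/// </exception>
/// <exception cref="AuthorizeException">The staff role is below the attribute's required minimum.</exception>
public Task<TResponse> Handle(TRequest request, CancellationToken cancellationToken, RequestHandlerDelegate<TResponse> next)
{
    var attr = request.GetType().GetCustomAttribute<Authorize>(false);
    if (attr is null)
    {
        return next();
    }

    var requiredMinimumRole = attr.Role;
    if (!_currentUser.IsAuthenticated())
    {
        throw new AuthenticationException();
    }

    var id = _currentUser.GetId();
    if (id <= 0)
    {
        throw new AuthenticationException();
    }

    if (!_cache.TryGetValue(id, out Role staffRole))
    {
        var staff = _staffRepo.GetById(id);
        if (staff is null)
        {
            // An authenticated principal whose account no longer exists (e.g. removed after sign-in)
            // must be rejected rather than dereferenced.
            throw new AuthenticationException();
        }

        staffRole = staff.Role;
        _cache.Set(id, staffRole, CacheHelper.CacheOptions());
    }

    // Relies on Role's numeric order being the privilege order. The cached role is reused until
    // CacheHelper.CacheOptions() lets it expire, so a role change takes effect only after that.
    if (staffRole < requiredMinimumRole)
    {
        throw new AuthorizeException();
    }

    return next();
}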