Beispiel #1
        /// <summary>
        /// Returns the profile of the caller identified by <c>_currentUserId</c>.
        /// </summary>
        /// <param name="cancellationToken">Forwarded to the mediator so the lookup can be cancelled.</param>
        /// <returns>
        /// 200 with the <see cref="CurrentUserDto"/> when the query yields a user;
        /// otherwise 401 carrying the <c>ErrorApiResponse.Unauthorized()</c> payload.
        /// </returns>
        /// <remarks>
        /// The user id is read from a field and never from request input, so a caller cannot
        /// name another user here. NOTE(review): how <c>_currentUserId</c> is populated is not
        /// visible in this listing; confirm it is derived from the authenticated principal.
        /// </remarks>
        public async Task<ActionResult<CurrentUserDto>> GetYourInfo(CancellationToken cancellationToken)
        {
            var query = new GetCurrentUserQuery(_currentUserId);
            var currentUser = await _mediator.Send(query, cancellationToken);

            // A missing user is reported as "not authenticated" rather than "not found".
            if (currentUser == null)
            {
                return Unauthorized(ErrorApiResponse.Unauthorized());
            }

            return Ok(currentUser);
        }
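        /// <summary>
        /// Registers cookie authentication with a server-side ticket store and JSON
        /// 401/403 responses in place of the default login / access-denied redirects.
        /// </summary>
        /// <param name="services">Service collection to add the authentication services to.</param>
        /// <param name="configuration">Not read by this method; kept for signature compatibility.</param>
        /// <param name="environment">Decides how strict the cookie attributes are (production vs. anything else).</param>
        /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
        /// <remarks>
        /// Only an environment named Production gets the strict cookie settings. Any other
        /// environment name (staging, a typo in the environment variable) falls into the relaxed
        /// branch, so a non-production deployment reachable from an untrusted network should be
        /// reviewed separately.
        /// </remarks>
        public static IServiceCollection ConfigureAuthentication(this IServiceCollection services, IConfiguration configuration,
                                                                 IWebHostEnvironment environment)
        {
            // Because SessionStore is set below, the authentication ticket is kept in this store
            // and the browser cookie only references it.
            services.AddSingleton<ITicketStore, DistributedCacheTicketStore>();

            services.AddOptions<CookieAuthenticationOptions>(CookieAuthenticationDefaults.AuthenticationScheme)
                .Configure<ITicketStore>((options, ticketStore) =>
                {
                    var isProduction = environment.IsProduction();

                    options.Cookie.Name  = "auth.cookie";
                    options.SessionStore = ticketStore;

                    // SameSite is the cookie-level CSRF mitigation for a cookie-authenticated API.
                    // Outside production no SameSite attribute is emitted and the browser default applies.
                    options.Cookie.SameSite = isProduction
                        ? SameSiteMode.Lax
                        : SameSiteMode.Unspecified;

                    // Production: always Secure. Elsewhere the cookie used to be issued with
                    // CookieSecurePolicy.None, i.e. never marked Secure even on HTTPS. SameAsRequest
                    // still lets plain-HTTP local development work, but marks the cookie Secure
                    // whenever the request itself arrived over HTTPS.
                    options.Cookie.SecurePolicy = isProduction
                        ? CookieSecurePolicy.Always
                        : CookieSecurePolicy.SameAsRequest;

                    // API clients get a 401 JSON body instead of a redirect to a login page.
                    options.Events.OnRedirectToLogin = async context =>
                    {
                        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                        var response = ErrorApiResponse.Unauthorized();
                        await context.Response.WriteAsJsonAsync(response);
                        await context.Response.Body.FlushAsync();
                    };

                    // Authenticated but not authorised: 403 JSON body instead of a redirect.
                    options.Events.OnRedirectToAccessDenied = async context =>
                    {
                        context.Response.StatusCode = StatusCodes.Status403Forbidden;
                        var response = ErrorApiResponse.Forbidden();
                        await context.Response.WriteAsJsonAsync(response);
                        await context.Response.Body.FlushAsync();
                    };
                });

            services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme).AddCookie();

            services.AddTransient<ICurrentUserService, CurrentUserService>();

            return services;
        }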