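/// <summary>
/// Authorization filter callback: lets the request continue only when the current principal
/// maps to a stored user that holds the "Admin" role. In every other case the result is set
/// to <see cref="ForbidResult"/>.
/// </summary>
/// <param name="context">Filter context carrying the current HTTP request and its principal.</param>
public void OnAuthorization(AuthorizationFilterContext context)
        {
            // Fail closed: a principal without an identity or without claims cannot be authorized.
            // The null-conditional avoids a NullReferenceException when Identities is empty.
            var userClaims = context.HttpContext.User.Identities.FirstOrDefault()?.Claims;
            var firstClaim = userClaims?.FirstOrDefault();

            if (firstClaim == null)
            {
                context.Result = new ForbidResult();
                // Stop here: continuing would dereference the missing claim and turn the
                // intended 403 into an unhandled exception.
                return;
            }

            // NOTE(review): the first claim is assumed to carry the user id. Claim order is not
            // a contract; confirm against the sign-in code, or look the claim up by type.
            var userId = firstClaim.Value;

            var optionsBuilder = new DbContextOptionsBuilder<FactFluxIdentity>();
            optionsBuilder.UseSqlServer(Startup.staticConfig["ConnectionStrings:FactFluxConnection"]);

            // The context is created inside the using statement so it is disposed on every path,
            // including when a query throws.
            using (var newdbContext = new FactFluxIdentity(optionsBuilder.Options))
            {
                var userExists = newdbContext.Users.Any(x => x.Id == userId);

                if (!userExists)
                {
                    context.Result = new ForbidResult();
                    return;
                }

                var isAdmin = (from ur in newdbContext.UserRoles
                               join r in newdbContext.Roles on ur.RoleId equals r.Id
                               where r.Name == "Admin" && ur.UserId == userId
                               select ur).Any();

                if (!isAdmin)
                {
                    context.Result = new ForbidResult();
                }
            }
        }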
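        /// <summary>
        /// Decides whether the current HTTP user may open the dashboard: the user must exist in
        /// the identity store and hold the "Admin" role.
        /// </summary>
        /// <param name="context">Dashboard context supplied by the caller; not read by this check.</param>
        /// <returns><c>true</c> only for a known user with the "Admin" role; otherwise <c>false</c>.</returns>
        public bool Authorize(DashboardContext context)
        {
            // Fail closed when there is no request context, no identity, or no claims.
            // HttpContext is presumably an HTTP context accessor, whose inner context can be
            // null outside a request; the original dereferenced it unconditionally.
            var userClaims = HttpContext.HttpContext?.User?.Identities.FirstOrDefault()?.Claims;
            var firstClaim = userClaims?.FirstOrDefault();

            if (firstClaim == null)
            {
                return false;
            }

            // NOTE(review): the first claim is assumed to carry the user id. Claim order is not
            // a contract; confirm against the sign-in code, or look the claim up by type.
            var userId = firstClaim.Value;

            var optionsBuilder = new DbContextOptionsBuilder<FactFluxIdentity>();
            optionsBuilder.UseSqlServer(Startup.staticConfig["ConnectionStrings:FactFluxConnection"]);

            // Created only after the claim check and inside the using statement: the original
            // built the context first and leaked it on the early "no claims" return.
            using (var newdbContext = new FactFluxIdentity(optionsBuilder.Options))
            {
                var userExists = newdbContext.Users.Any(x => x.Id == userId);

                if (!userExists)
                {
                    return false;
                }

                return (from ur in newdbContext.UserRoles
                        join r in newdbContext.Roles on ur.RoleId equals r.Id
                        where r.Name == "Admin" && ur.UserId == userId
                        select ur).Any();
            }
        }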
Beispiel #3
 /// <summary>
 /// Stores the injected HTTP context accessor, user manager and identity database context
 /// on the controller for later use.
 /// </summary>
 /// <param name="httpContext">Accessor for the current HTTP context.</param>
 /// <param name="userManager">User manager for <see cref="IdentityUser"/> accounts.</param>
 /// <param name="factFluxIdentity">Identity database context.</param>
 public IdentityController(IHttpContextAccessor httpContext, UserManager<IdentityUser> userManager, FactFluxIdentity factFluxIdentity)
 {
     this.HttpContext = httpContext;
     this.UserManager = userManager;
     this.FactFluxIdentityContext = factFluxIdentity;
 }