/// <summary>
/// Loads a family tree by its identifier and returns it mapped to a DTO,
/// wrapped in an object under the <c>FamilyTreeGet</c> property.
/// </summary>
/// <param name="id">Identifier of the family tree to load.</param>
/// <returns>An <see cref="ObjectResult"/> whose value is <c>{ FamilyTreeGet = dto }</c>.</returns>
/// <remarks>
/// NOTE(review): this method performs no ownership or visibility check of its own.
/// Confirm that the action is covered by the authentication scheme whose handler
/// decides whether the caller may read the requested tree, and that a missing tree
/// (a null service result) is handled by the mapper or upstream.
/// </remarks>
public async Task<ActionResult<FamilyTreeDto>> GetFamilyTreeById(int id)
{
    // Fetch the entity first, then project it to the transport type.
    var entity = await _service.GetFamilyTreeByIdAsync(id);
    var dto = _mapper.MapToDto<Entity.FamilyTree, FamilyTreeDto>(entity);

    // The response envelope keeps the original property name.
    var payload = new { FamilyTreeGet = dto };
    return new ObjectResult(payload);
}
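/// <summary>
/// Authenticates the request from the custom <c>auth</c> header and, for GET requests
/// on family-tree paths, also checks that the caller may read the requested tree.
/// </summary>
/// <returns>
/// A successful result carrying a principal with the user's id and nickname, or a
/// failed result when the header is missing or unusable, the credentials are not
/// accepted, or the requested tree is neither owned by the caller nor public.
/// </returns>
/// <remarks>
/// Every failure path is fail-closed: any exception while parsing the header,
/// authenticating or loading the tree results in a failed authentication.
/// NOTE(review): the header carries an id together with a hash. If that hash is the
/// stored password hash, it is password-equivalent and should be replaced by a
/// short-lived token; confirm against the user service.
/// NOTE(review): deciding read access by matching substrings of the request path is
/// brittle. A resource-based authorization check next to the data access would not
/// depend on how the URL is spelled.
/// </remarks>
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
{
    if (!Request.Headers.Keys.Contains("auth"))
    {
        return AuthenticateResult.Fail("Authorization header is missing");
    }

    UserCompleteDto user = null;
    try
    {
        var authHeader = Request.Headers["auth"];
        var credentials = JsonConvert.DeserializeObject<AuthenticateUserDto>(authHeader);
        if (credentials == null)
        {
            // An empty or literal "null" payload deserializes to null.
            return AuthenticateResult.Fail("Invalid Authorization Header");
        }

        User data = await _userService.AuthenticateUserAsync(credentials.Id, credentials.Hash);
        user = _mapper.MapToDto<User, UserCompleteDto>(data);
        if (user == null)
        {
            // Stop before any tree lookup so unauthenticated callers always get the same
            // answer, regardless of which tree they asked for.
            return AuthenticateResult.Fail("Authentication failed");
        }

        var path = Request.Path.ToString();

        // Route matching in ASP.NET Core is case-insensitive by default, so the guard must
        // be as well; otherwise a differently cased path or method skips the check below.
        bool isTreePath = path.IndexOf("/familytree/", StringComparison.OrdinalIgnoreCase) >= 0;
        bool isGet = Request.Method.IndexOf("GET", StringComparison.OrdinalIgnoreCase) >= 0;

        // The exemption stays an exact match on purpose: widening it would widen the set of
        // requests that skip the ownership check.
        // NOTE(review): confirm the concat-valid route enforces access on its own.
        bool isExempt = path.Contains("/concat-valid/");

        if (isTreePath && isGet && !isExempt)
        {
            // Expects "/familytree/{id}/...": the id is the third element of the split.
            var partials = path.Split('/');
            if (partials.Length <= 2 || !int.TryParse(partials[2], out var familyTreeId))
            {
                return AuthenticateResult.Fail("Invalid Authorization Header");
            }

            Entity.FamilyTree fData = await _familytreeService.GetFamilyTreeByIdAsync(familyTreeId);
            if (fData == null)
            {
                return AuthenticateResult.Fail("Invalid Authorization Header");
            }

            // NOTE(review): ownership is compared with the id supplied in the header, which
            // is the id passed to the user service above; confirm it always equals user.Id.
            bool isOwner = fData.UserId == credentials.Id;
            bool isPublic = fData.Type == Entity.Enums.FamilyTreeTypesEnum._public;
            if (!isOwner && !isPublic)
            {
                // Same message as the other rejections, so the response does not disclose
                // that the tree exists but is private.
                return AuthenticateResult.Fail("Invalid Authorization Header");
            }
        }
    }
    catch
    {
        // Deliberately broad and fail-closed. Infrastructure errors are reported as an
        // invalid header as well, so they are not distinguishable to the caller here.
        return AuthenticateResult.Fail("Invalid Authorization Header");
    }

    if (user == null)
    {
        return AuthenticateResult.Fail("Authentication failed");
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
        new Claim(ClaimTypes.Name, user.Nickname),
    };
    var identity = new ClaimsIdentity(claims, Scheme.Name);
    var principal = new ClaimsPrincipal(identity);

    // Issue the authentication ticket: authentication succeeded.
    var ticket = new AuthenticationTicket(principal, Scheme.Name);
    return AuthenticateResult.Success(ticket);
}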