public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var controller = (Controller)context.Controller;
var method = ((ControllerActionDescriptor)context.ActionDescriptor).MethodInfo;
var controllerLevelAuthorize = controller.GetType().GetCustomAttribute <AuthorizeMiddlewareAttribute>();
var actionLevelAuthorize = method.GetCustomAttribute <AuthorizeMiddlewareAttribute>();
if (controllerLevelAuthorize == null && actionLevelAuthorize == null)
{
await next();
}
else
{
// Try to get username/password from session
var userInfo = context.HttpContext.Session.GetUserInfo();
// Validate username/password
var result = await _identityLogic.IsAuthenticated(userInfo);
if (result)
{
await next();
}
else
{
// Redirect to not-authenticated
context.HttpContext.Response.Redirect($"{ApiConstants.WebSiteApiUrl}/Identity/NotAuthenticated");
}
}
}
