Beispiel #1
        /// <summary>
        /// Admin-only authorization gate. A request passes only when it carries a session
        /// token cookie, the token is accepted by the backing service, and the resolved
        /// user is flagged as an administrator.
        /// </summary>
        /// <param name="filterContext">
        /// Authorization context of the current request; its <c>Result</c> is set on every
        /// path that must not reach the action.
        /// </param>
        /// <remarks>
        /// The method denies by default: the only path that leaves <c>Result</c> untouched is
        /// the one where the service reported success and the user is an admin.
        /// </remarks>
        protected override void OnAuthorization(AuthorizationContext filterContext)
        {
            var request = filterContext.HttpContext.Request;

            // No session cookie: reject before calling the backend at all.
            if (!_sessionTokenCookieManager.HasSessionTokenCookie(request))
            {
                filterContext.Result = new HttpUnauthorizedResult();
                return;
            }

            // The cookie value is client-controlled; it only becomes trusted once the
            // service lookup below succeeds.
            var token  = _sessionTokenCookieManager.GetSessionToken(request);
            var lookup = _retaskService.GetUserInfo(token);

            if (!lookup.Ok)
            {
                // NOTE(review): every lookup failure is answered with 500. What Ok == false
                // covers is not visible here; if it includes an unknown or expired token,
                // confirm that 500 rather than 401 is the intended response for that case.
                filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.InternalServerError);
                return;
            }

            // NOTE(review): Payload is dereferenced without a null check; this assumes that
            // Ok implies a populated Payload. Confirm against the service contract.
            if (lookup.Payload.IsAdmin)
            {
                // Authenticated admin: leave Result unset so the request continues.
                return;
            }

            // Valid session, but not an admin.
            filterContext.Result = new HttpUnauthorizedResult();
        }
Beispiel #2
        /// <summary>
        /// Landing action. A visitor whose session token cookie is accepted by the backing
        /// service is redirected to the application; everyone else gets this action's view.
        /// </summary>
        /// <returns>
        /// A redirect to the <c>Index</c> action of the <c>App</c> controller when the session
        /// lookup succeeds, otherwise the default view.
        /// </returns>
        /// <remarks>
        /// The redirect target is built from fixed literals, not from request data.
        /// </remarks>
        public ActionResult Index()
        {
            // No cookie: nothing to validate, show the page.
            if (!_sessionTokenCookieManager.HasSessionTokenCookie(Request))
            {
                return View();
            }

            var token  = _sessionTokenCookieManager.GetSessionToken(Request);
            var lookup = _retaskService.GetUserInfo(token);

            if (!lookup.Ok)
            {
                // The presented token was not accepted, so the cookie is cleared from the
                // response instead of being sent again on later requests.
                // NOTE(review): this runs for any failed lookup; if Ok == false can also mean
                // a backend error, a valid session cookie would be dropped too. Confirm.
                _sessionTokenCookieManager.UnsetSessionTokenCookie(Response.Cookies);
                return View();
            }

            return RedirectToAction("Index", "App");
        }
Beispiel #3
 /// <summary>
 /// Looks up the user behind a session token by delegating to the wrapped service.
 /// No validation or transformation of the token happens at this layer.
 /// </summary>
 /// <param name="sessionToken">
 /// Session token identifying the caller. It acts as a credential, so it should be kept
 /// out of logs and error messages.
 /// </param>
 /// <returns>The wrapped service's result, passed through unchanged.</returns>
 /// <remarks>
 /// NOTE(review): the Description attribute suggests this method is exposed through some
 /// service or API layer. Confirm that layer does not log parameter values or accept the
 /// token through a URL query string.
 /// </remarks>
 public ServiceResult <UserInfoDTO> GetUserInfo(
     [Description("Session Token")] string sessionToken)
 {
     var userInfoResult = _retaskService.GetUserInfo(sessionToken);
     return userInfoResult;
 }