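/// <summary>
/// Validates <paramref name="token"/> against the configured JWT settings and, on success,
/// loads the user named by its <c>sub</c> claim and stores it in <c>context.Items["User"]</c>.
/// Any failure (bad signature, expired, wrong issuer/audience, no subject, unknown user) leaves
/// the item unset so the request continues anonymously; downstream code treats a missing
/// "User" item as an unauthorized request.
/// </summary>
/// <param name="context">Request whose <see cref="HttpContext.Items"/> receives the resolved user.</param>
/// <param name="campaignSaberContext">Database context used to look the user up by id.</param>
/// <param name="token">Raw JWT taken from the Authorization header.</param>
private async Task AttachUserToContext(HttpContext context, CampaignSaberContext campaignSaberContext, string token)
{
    try
    {
        var tokenHandler = new JwtSecurityTokenHandler();
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Key));
        var validationParameters = new TokenValidationParameters
        {
            ValidateIssuer = true,
            ValidateAudience = true,
            ValidateLifetime = true,
            ValidateIssuerSigningKey = true,
            ValidIssuer = _jwtSettings.Issuer,
            // NOTE(review): the audience is checked against the issuer value. Confirm tokens are
            // minted with aud == iss; otherwise this should come from a separate audience setting.
            ValidAudience = _jwtSettings.Issuer,
            // Symmetric key: only HMAC-signed tokens can validate against it, and the handler
            // rejects unsigned tokens by default.
            IssuerSigningKey = signingKey,
        };

        tokenHandler.ValidateToken(token, validationParameters, out var validatedToken);

        // ValidateToken only succeeds for tokens it parsed as JWTs, so the cast holds.
        var jwtToken = (JwtSecurityToken)validatedToken;

        // A validly signed token that carries no subject cannot be mapped to a user.
        var subject = jwtToken.Claims.FirstOrDefault(c => c.Type == "sub")?.Value;
        if (subject is null)
        {
            return;
        }

        // FirstOrDefault rather than First: an unknown subject is an expected outcome and must not
        // surface as an exception that the catch below cannot tell apart from a database failure.
        var user = await campaignSaberContext.Users.FirstOrDefaultAsync(u => u.Id == subject);
        if (user is null)
        {
            return;
        }

        context.Items["User"] = user;
    }
    catch (Exception e)
    {
        // Best-effort by design: an invalid token means an anonymous request, not a failed one.
        // Only the message is written; the caller is not informed of the failure.
        Console.WriteLine(e.Message);
    }
}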
/// <summary>
/// Deletes the campaign identified by <c>args.Id</c> when the requester is its uploader or an
/// admin. Every failure is reported through <paramref name="validator"/>; the method always
/// returns null because a deleted campaign has nothing to re-read.
/// </summary>
/// <param name="db">Database context the campaign is removed from.</param>
/// <param name="args">Deletion arguments; only <c>Id</c> is consulted.</param>
/// <param name="validator">Collects validation and authorization errors for the caller.</param>
/// <param name="accessor">Provides the current request, whose <c>Items["User"]</c> holds the requester.</param>
/// <returns>Always null.</returns>
public Expression<Func<CampaignSaberContext, Campaign>> DeleteCampaign(CampaignSaberContext db, CampaignDeletionArgs args, GraphQLValidator validator, IHttpContextAccessor accessor)
{
    var requester = accessor.HttpContext.Items["User"];
    if (requester is null)
    {
        validator.AddError("Unauthorized Request");
    }

    // A null requester casts cleanly; the HasErrors bail-out below prevents any dereference.
    var currentUser = (User)requester;
    if (validator.HasErrors)
    {
        return null;
    }

    // Ownership is enforced inside the query, so a campaign the caller may not delete is
    // reported the same way as one that does not exist.
    var target = db.Campaigns.FirstOrDefault(c =>
        c.Id == args.Id && (c.UploaderId == currentUser.Id || currentUser.Role == Role.Admin));
    if (target is null)
    {
        validator.AddError("Campaign Not Found");
        return null;
    }

    db.Campaigns.Remove(target);
    db.SaveChanges();
    return null;
}
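/// <summary>
/// Middleware entry point: extracts the token from the Authorization header, attaches the
/// matching user to <see cref="HttpContext.Items"/> when it validates, then invokes the next
/// middleware. Requests without a usable token continue anonymously.
/// </summary>
/// <param name="context">The current request context.</param>
/// <param name="campaignSaberContext">Database context used to resolve the token's subject.</param>
public async Task Invoke(HttpContext context, CampaignSaberContext campaignSaberContext)
{
    // The header is read as "<scheme> <token>" and the last non-empty segment is the token, so
    // a header with trailing whitespace no longer produces an empty "token" that is sent off
    // for validation. The scheme itself is not checked here; a non-JWT credential simply fails
    // validation inside AttachUserToContext and the request proceeds anonymously.
    var token = context.Request.Headers["Authorization"]
        .FirstOrDefault()
        ?.Split(' ', StringSplitOptions.RemoveEmptyEntries)
        .LastOrDefault();

    if (!string.IsNullOrWhiteSpace(token))
    {
        await AttachUserToContext(context, campaignSaberContext, token);
    }

    await _next(context);
}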
/// <summary>
/// Updates the title and description of the campaign identified by <c>args.Id</c>. Only the
/// campaign's uploader or an admin may edit it. All failures are reported through
/// <paramref name="validator"/> and yield a null return.
/// </summary>
/// <param name="db">Database context the campaign is read from and saved to.</param>
/// <param name="args">New title (required) and description (optional, at most 2000 characters).</param>
/// <param name="validator">Collects validation and authorization errors for the caller.</param>
/// <param name="accessor">Provides the current request, whose <c>Items["User"]</c> holds the requester.</param>
/// <returns>An expression that re-reads the updated campaign, or null when any check failed.</returns>
public Expression<Func<CampaignSaberContext, Campaign>> UpdateCampaign(CampaignSaberContext db, CampaignArgs args, GraphQLValidator validator, IHttpContextAccessor accessor)
{
    // Argument checks run first so the caller receives every problem in a single round trip.
    if (string.IsNullOrEmpty(args.Title))
    {
        validator.AddError("Title argument is required");
    }

    // Description is optional; only its length is bounded. No length cap is applied to Title.
    if (!string.IsNullOrEmpty(args.Description) && args.Description.Length > 2000)
    {
        validator.AddError("Description is too long! (Max 2000 characters)");
    }

    var requester = accessor.HttpContext.Items["User"];
    if (requester is null)
    {
        validator.AddError("Unauthorized Request");
    }

    // A null requester casts cleanly; the HasErrors bail-out below prevents any dereference.
    var currentUser = (User)requester;
    if (validator.HasErrors)
    {
        return null;
    }

    // Ownership is enforced inside the query, so a campaign the caller may not edit is
    // reported the same way as one that does not exist.
    var target = db.Campaigns.FirstOrDefault(c =>
        c.Id == args.Id && (c.UploaderId == currentUser.Id || currentUser.Role == Role.Admin));
    if (target is null)
    {
        validator.AddError("Campaign Not Found");
        return null;
    }

    target.Title = args.Title;
    target.Description = args.Description;
    db.SaveChanges();

    // The entity is captured so the expression re-reads by the persisted id when evaluated.
    return ctx => ctx.Campaigns.First(c => c.Id == target.Id);
}
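/// <summary>Creates the controller and stores the injected database context.</summary>
/// <param name="campaignSaberContext">Database context used by the controller's actions.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="campaignSaberContext"/> is null.</exception>
public VoteController(CampaignSaberContext campaignSaberContext)
{
    // Fail fast at construction instead of with a NullReferenceException inside an action.
    _campaignSaberContext = campaignSaberContext ?? throw new ArgumentNullException(nameof(campaignSaberContext));
}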
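/// <summary>Creates the controller and stores its injected dependencies.</summary>
/// <param name="jwtSettings">Settings used when issuing or checking JWTs.</param>
/// <param name="discordService">Discord integration service.</param>
/// <param name="campaignSaberContext">Database context used by the controller's actions.</param>
/// <exception cref="ArgumentNullException">Thrown when any dependency is null.</exception>
public AuthorizationController(IJWTSettings jwtSettings, DiscordService discordService, CampaignSaberContext campaignSaberContext)
{
    // Fail fast at construction instead of with a NullReferenceException inside an action.
    _jwtSettings = jwtSettings ?? throw new ArgumentNullException(nameof(jwtSettings));
    _discordService = discordService ?? throw new ArgumentNullException(nameof(discordService));
    _campaignSaberContext = campaignSaberContext ?? throw new ArgumentNullException(nameof(campaignSaberContext));
}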
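/// <summary>Creates the controller and stores the injected database context.</summary>
/// <param name="campaignSaberContext">Database context used by the controller's actions.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="campaignSaberContext"/> is null.</exception>
public UploadController(CampaignSaberContext campaignSaberContext)
{
    // Fail fast at construction instead of with a NullReferenceException inside an action.
    _campaignSaberContext = campaignSaberContext ?? throw new ArgumentNullException(nameof(campaignSaberContext));
}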
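/// <summary>Creates the controller and stores the injected database context and schema provider.</summary>
/// <param name="campaignSaberContext">Database context queries are executed against.</param>
/// <param name="schemaProvider">Schema used to interpret incoming GraphQL requests.</param>
/// <exception cref="ArgumentNullException">Thrown when either dependency is null.</exception>
public GraphQLController(CampaignSaberContext campaignSaberContext, SchemaProvider<CampaignSaberContext> schemaProvider)
{
    // Fail fast at construction instead of with a NullReferenceException inside an action.
    _schemaProvider = schemaProvider ?? throw new ArgumentNullException(nameof(schemaProvider));
    _campaignSaberContext = campaignSaberContext ?? throw new ArgumentNullException(nameof(campaignSaberContext));
}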