private async Task AttachAccountToContext(HttpContext context, GunaaDbContext dataContext, string token)
{
try
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
tokenHandler.ValidateToken(token, new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false,
// set clockskew to zero so tokens expire exactly at token expiration time (instead of 5 minutes later)
ClockSkew = TimeSpan.Zero
}, out SecurityToken validatedToken);
var jwtToken = (JwtSecurityToken)validatedToken;
var accountId = int.Parse(jwtToken.Claims.First(x => x.Type == "id").Value);
// attach account to context on successful jwt validation
context.Items["Account"] = await dataContext.Accounts.FindAsync(accountId);
}
catch
{
// do nothing if jwt validation fails
// account is not attached to context so request won't have access to secure routes
}
}
public async Task Invoke(HttpContext context, GunaaDbContext dataContext)
{
var token = context.Request.Headers["Authorization"].FirstOrDefault()?.Split(" ").Last();
if (token != null)
{
await AttachAccountToContext(context, dataContext, token);
}
await _next(context);
}
public PhotoManager(GunaaDbContext repositoryContext)
: base(repositoryContext)
{
}
public AlbumManager(GunaaDbContext repositoryContext)
: base(repositoryContext)
{
}
public OfficerManager(GunaaDbContext repositoryContext) : base(repositoryContext)
{
}
protected RepositoryBase(GunaaDbContext repositoryContext)
{
RepositoryContext = repositoryContext;
DbSet = RepositoryContext.Set <T>();
}
public AccountManager(GunaaDbContext repositoryContext)
: base(repositoryContext)
{
}
public CommitteeManager(GunaaDbContext repositoryContext) : base(repositoryContext)
{
}
public RepositoryWrapper(GunaaDbContext repositoryContext)
{
_repoContext = repositoryContext;
}
