/// <summary>
/// Creates the service and stores each injected dependency in its backing field.
/// </summary>
/// <param name="userRepo">User repository dependency.</param>
/// <param name="crypytoHelper">Crypto helper dependency (parameter name kept as spelled for named-argument callers).</param>
/// <param name="tokenHelper">JWT helper dependency.</param>
/// <param name="roleAssignmentRepo">Role-assignment repository dependency.</param>
/// <param name="permissionRepo">Permission repository dependency.</param>
public UserService(
    IUserRepository userRepo,
    ICryptoHelper crypytoHelper,
    IJWTokenHelper tokenHelper,
    IRoleAssignmentRepository roleAssignmentRepo,
    IPermissionRepository permissionRepo)
{
    // Single tuple assignment: right-hand values are read first, then the
    // fields are written left to right, the same order as one-by-one assignment.
    (_userRepo, _crypytoHelper, _tokenHelper, _roleAssignmentRepo, _permissionRepo) =
        (userRepo, crypytoHelper, tokenHelper, roleAssignmentRepo, permissionRepo);
}
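/// <summary>
/// Middleware entry point: lets <c>[AllowAnonymous]</c> endpoints through, otherwise requires a
/// token in the <c>Authorization</c> header, validates it with <paramref name="helper"/> and
/// copies the resulting claims into <see cref="HttpContext.Items"/> before calling the next
/// middleware.
/// </summary>
/// <param name="context">The current HTTP context.</param>
/// <param name="helper">Helper used to decode and validate the token.</param>
/// <returns>A task that completes when the request has been handled or rejected.</returns>
/// <exception cref="System.InvalidOperationException">
/// The <c>Security:Secret</c> configuration value is missing or blank.
/// </exception>
public async Task Invoke(HttpContext context, IJWTokenHelper helper)
{
    // Only an endpoint explicitly marked [AllowAnonymous] skips authentication.
    // A request with no matched endpoint (endpoint == null) is still authenticated.
    var endpoint = context.GetEndpoint();
    if (endpoint != null && endpoint.Metadata.OfType<AllowAnonymousAttribute>().Any())
    {
        await _next.Invoke(context);
        return;
    }

    // The raw header value is handed to the helper unchanged.
    // NOTE(review): confirm DecodeJwToken strips any scheme prefix (e.g. "Bearer ")
    // and checks signature, algorithm and expiry; that code is not visible here.
    var token = context.Request.Headers["Authorization"].FirstOrDefault();
    if (token == null)
    {
        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
        await context.Response.WriteAsync("");
        return;
    }

    // Fail closed: never attempt validation with a missing or blank signing secret.
    // The message names the configuration key only; the secret itself is never logged.
    var secretKey = _configuration.GetValue<string>("Security:Secret");
    if (string.IsNullOrWhiteSpace(secretKey))
    {
        throw new System.InvalidOperationException(
            "Configuration value 'Security:Secret' is missing or empty; refusing to validate tokens.");
    }

    var isTokenValid = helper.DecodeJwToken(token, secretKey, out IEnumerable<Claim> claims);
    if (!isTokenValid)
    {
        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
        await context.Response.WriteAsync(JsonConvert.SerializeObject(new { Message = "Unknown Authentication" }));
        return;
    }

    foreach (var claim in claims)
    {
        // Indexer instead of Add: a token that repeats a claim type (or a key already
        // present in Items) no longer throws ArgumentException and fails the request.
        // The last value wins, so multi-valued claims are not preserved here;
        // authorization code must not rely on Items for them.
        context.Items[claim.Type] = claim.Value;
    }

    await _next.Invoke(context);
}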