 /// <summary>
 /// Creates the service and captures its collaborators in private fields.
 /// No validation or other work is performed here; each argument is stored as given.
 /// </summary>
 /// <param name="userRepo">Stored in <c>_userRepo</c>.</param>
 /// <param name="crypytoHelper">Stored in <c>_crypytoHelper</c> (spelling kept as-is: callers may pass it by name).</param>
 /// <param name="tokenHelper">Stored in <c>_tokenHelper</c>.</param>
 /// <param name="roleAssignmentRepo">Stored in <c>_roleAssignmentRepo</c>.</param>
 /// <param name="permissionRepo">Stored in <c>_permissionRepo</c>.</param>
 public UserService
 (
     IUserRepository userRepo,
     ICryptoHelper crypytoHelper,
     IJWTokenHelper tokenHelper,
     IRoleAssignmentRepository roleAssignmentRepo,
     IPermissionRepository permissionRepo
 )
 {
     // One tuple assignment keeps the field/argument pairing visible side by side.
     (_userRepo, _crypytoHelper, _tokenHelper, _roleAssignmentRepo, _permissionRepo)
         = (userRepo, crypytoHelper, tokenHelper, roleAssignmentRepo, permissionRepo);
 }
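        /// <summary>
        /// JWT gate for the request pipeline. Endpoints carrying
        /// <see cref="AllowAnonymousAttribute"/> pass straight through; every other request
        /// must present a token in the <c>Authorization</c> header that <paramref name="helper"/>
        /// accepts. On success the token's claims are copied into <see cref="HttpContext.Items"/>
        /// keyed by claim type and the next middleware runs; otherwise a 401 is written and the
        /// pipeline stops.
        /// </summary>
        /// <param name="context">The current request context.</param>
        /// <param name="helper">Decoder used to validate the header value against the configured secret.</param>
        /// <returns>A task that completes when the request has been handled or rejected.</returns>
        public async Task Invoke(HttpContext context, IJWTokenHelper helper)
        {
            // GetEndpoint() is null until routing has matched the request, so the anonymous
            // short-cut only works when this middleware runs after routing.
            var endpoint = context.GetEndpoint();

            if (endpoint?.Metadata.OfType<AllowAnonymousAttribute>().Any() == true)
            {
                await _next.Invoke(context);
                return;
            }

            var token = context.Request.Headers["Authorization"].FirstOrDefault();

            // Absent or blank header: reject here instead of handing an empty string to the decoder.
            if (string.IsNullOrWhiteSpace(token))
            {
                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                await context.Response.WriteAsync("");
                return;
            }

            // NOTE(review): the secret is re-read from configuration on every request; a missing
            // "Security:Secret" yields null here and how DecodeJwToken treats that is not visible
            // in this file — confirm it fails closed.
            var secretKey = _configuration.GetValue<string>("Security:Secret");

            // NOTE(review): the raw header value (including any "Bearer " prefix) is passed on;
            // whether the prefix is stripped is up to the decoder — confirm against IJWTokenHelper.
            var isTokenValid = helper.DecodeJwToken(token, secretKey, out IEnumerable<Claim> claims);

            if (!isTokenValid)
            {
                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                await context.Response.WriteAsync(JsonConvert.SerializeObject(new { Message = "Unknown Authentication" }));
                return;
            }

            // A token may legitimately carry several claims of the same type; Items.Add would
            // throw ArgumentException on the duplicate key and turn a valid request into a 500.
            // Keep the first value seen per type instead. The null-coalesce guards a decoder that
            // reports success without populating the out parameter.
            foreach (var claim in claims ?? Enumerable.Empty<Claim>())
            {
                context.Items.TryAdd(claim.Type, claim.Value);
            }

            await _next.Invoke(context);
        }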