public CompareResult CreateCompare()
{
//Get User from header token
string userName;
var token = Request.Headers.FirstOrDefault(x => string.Equals(x.Key, "Authorization")).Value.ElementAt(0);
JWToken.Validate(token, out userName);
if (string.IsNullOrWhiteSpace(userName))
{
return(new CompareResult()
{
Status = 3,
Message = "Authorization failed."
});
}
string config = HttpContext.Current.Request["Config"];
CompareInput compareInput = JsonConvert.DeserializeObject <CompareInput>(config);
HttpFileCollection files = HttpContext.Current.Request.Files;
if (files.AllKeys.Length != 2)
{
return(new CompareResult()
{
Status = 3,
Message = "Error Input"
});
}
compareInput.FileName1 = SaveFile(files[0]);
compareInput.FileName2 = SaveFile(files[1]);
return(CompareSvc.Start(userName, compareInput));
}
public List <CompareResult> GetCompareHistroy(int start, int count)
{
//Get User from header token
string userName;
var token = Request.Headers.FirstOrDefault(x => string.Equals(x.Key, "Authorization")).Value.ElementAt(0);
JWToken.Validate(token, out userName);
if (string.IsNullOrWhiteSpace(userName))
{
return(new List <CompareResult>());
}
return(CompareSvc.GetCompareHistory(userName, start, count));
}
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
//如果用户方位的Action带有AllowAnonymousAttribute,则不进行授权验证
if (actionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any())
{
return;
}
var tokenElements = actionContext.Request.Headers.FirstOrDefault(x => string.Equals(x.Key, "Authorization")).Value;
if (tokenElements != null)
{
var token = tokenElements.ElementAt(0);
string temp;
if (JWToken.Validate(token, out temp))
{
return;
}
}
actionContext.Response = actionContext.Request.CreateErrorResponse(HttpStatusCode.Unauthorized, new HttpError("Authorization failed"));
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddOptions();
// https://docs.microsoft.com/en-us/aspnet/core/mvc/controllers/dependency-injection
services.Configure <EnabledRules>(_configuration.GetSection("EnabledRules"));
services.Configure <Settings>(_configuration.GetSection("Thermostat"));
services.Configure <AccountSettings>(_configuration.GetSection("Account"));
// Uncomment to add settings from code
//services.Configure<SampleWebSettings>(settings =>
//{
// oauthCodes = new Dictionary
// settings.Updates = 17;
//});
//call this in case you need aspnet-user-authtype/aspnet-user-identity
services.AddSingleton <IHttpContextAccessor, HttpContextAccessor>();
//services.AddSingleton(_configuration);
services.AddSingleton <OAuthCodeStore>();
// add repository as a service
services.AddTransient <Repository>();
services.AddSingleton(_engine);
// Add framework services.
services.AddApplicationInsightsTelemetry(_configuration);
services.AddMvc().AddJsonOptions(options =>
{
//options.SerializerSettings.Converters.Add(new Newtonsoft.Json.Converters.StringEnumConverter());
options.SerializerSettings.NullValueHandling = Newtonsoft.Json.NullValueHandling.Ignore;
});
//services.Configure<IISOptions>( options => options.)
services.AddAuthorization(options =>
{
options.AddPolicy("passport", policy => policy.RequireClaim("passport"));
});
services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
.AddCookie(o =>
{
o.LoginPath = new PathString("/Account/Login");
o.AccessDeniedPath = new PathString("/Account/Forbidden/");
o.Cookie.Name = "cookie";
});
// add Alexa JWT token validation
//TOOD: create a separate nuget for that
services.AddAuthorization(options =>
{
options.AddPolicy("AlexaJWT",
policy => policy.RequireAssertion(context =>
{
if (context.Resource is Microsoft.AspNetCore.Mvc.Filters.AuthorizationFilterContext mvcContext)
{
// Examine MVC specific things like routing data.
var tokenData = mvcContext.HttpContext.Request.Query["accessToken"].FirstOrDefault();
if (tokenData == null)
{
return(false);
}
JWToken token = JsonConvert.DeserializeObject <JWToken>(tokenData);
//TODO: something else..
return(token.Validate(_configuration.GetSection("Account").GetValue <string>("TokenKey")));
}
return(false);
}
));
});
// Add our BackgroundService which will be saving telemetry at regular intervals
services.AddSingleton <IHostedService, BackgroundService>();
// Note .AddMiniProfiler() returns a IMiniProfilerBuilder for easy intellisense
services.AddMiniProfiler(options =>
{
// All of this is optional. You can simply call .AddMiniProfiler() for all defaults
// (Optional) Path to use for profiler URLs, default is /mini-profiler-resources
options.RouteBasePath = "/profiler";
// (Optional) Control storage
// (default is 30 minutes in MemoryCacheStorage)
//(options.Storage as MemoryCacheStorage).CacheDuration = TimeSpan.FromMinutes(60);
// (Optional) Control which SQL formatter to use, InlineFormatter is the default
options.SqlFormatter = new StackExchange.Profiling.SqlFormatters.InlineFormatter();
// (Optional) To control authorization, you can use the Func<HttpRequest, bool> options:
// (default is everyone can access profilers)
//options.ResultsAuthorize = request => MyGetUserFunction(request).CanSeeMiniProfiler;
//options.ResultsListAuthorize = request => MyGetUserFunction(request).CanSeeMiniProfiler;
// (Optional) To control which requests are profiled, use the Func<HttpRequest, bool> option:
// (default is everything should be profiled)
//options.ShouldProfile = request => MyShouldThisBeProfiledFunction(request);
// (Optional) Profiles are stored under a user ID, function to get it:
// (default is null, since above methods don't use it by default)
//options.UserIdProvider = request => MyGetUserIdFunction(request);
// (Optional) Swap out the entire profiler provider, if you want
// (default handles async and works fine for almost all appliations)
//options.ProfilerProvider = new MyProfilerProvider();
});
}
