public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var    _userService  = (IAspNetUserRolesService)filterContext.HttpContext.RequestServices.GetService(typeof(IAspNetUserRolesService));
            var    request       = filterContext.HttpContext.Request;
            var    route         = request.Path.HasValue ? request.Path.Value : "";
            var    requestHeader = request.Headers.Aggregate("", (current, header) => current + $"{header.Key}: {header.Value}{Environment.NewLine}");
            string requestBody   = "";

            //request.EnableRewind();
            if (request.Method == "GET")
            {
                Microsoft.AspNetCore.Http.QueryString queryString = request.QueryString;
                var    dict = HttpUtility.ParseQueryString(queryString.ToString());
                string json = JsonConvert.SerializeObject(dict.Cast <string>().ToDictionary(k => k, v => dict[v]));
                requestBody = json;
            }
            else if (request.Method == "POST")
            {
                using (var stream = new StreamReader(request.Body))
                {
                    stream.BaseStream.Position = 0;
                    requestBody = stream.ReadToEnd();
                }
            }

            if ((route.ToLower() == "/api/AuthManagement/Login") || (route.ToLower() == "/api/AuthManagement/GetUserClaims".ToLower()))
            {
                base.OnActionExecuting(filterContext);
            }
            else
            {
                Boolean IsAuthorized = false;
                Task <ClaimsResponse> claimsResponse = _userService.getUserClaimsByUserIdAsync(filterContext.HttpContext.Items["UserId"].ToString());
                foreach (var item in claimsResponse.Result.Claims)
                {
                    if (route.ToLower().Equals(("/api/" + item.ControlleEnTitile.Trim() + "/" + item.ActionTitleEn.Trim()).ToLower()))
                    {
                        IsAuthorized = true;
                        break;
                    }
                }
                if (IsAuthorized)
                {
                    base.OnActionExecuting(filterContext);
                }
                else
                {
                    filterContext.Result = new JsonResult(new { HttpStatusCode.Unauthorized });
                }
            }
        }
Example #2
0
 /// <summary>
 /// Combines a PathString and QueryString into the joined URI formatted string value.
 /// </summary>
 /// <returns>The joined URI formatted string value</returns>
 public string Add(QueryString other)
 {
     return(ToUriComponent() + other.ToUriComponent());
 }