private TokenInformation GetToken(AppUser appUser)
{
string role;
if (appUser.Client != null)
{
UserStatus userStatus = _userStatusService.CalculateUserStatus(appUser);
if (userStatus != UserStatus.ACTIVE)
{
throw new InvalidCredentialsException("Invalid username or password");
}
role = "CLIENT";
}
else if (appUser.Employee != null)
{
role = "EMPLOYEE";
}
else if (appUser.Trainer != null)
{
role = "TRAINER";
}
else
{
throw new Exception("Invalid user without assigned role");
}
return(new TokenInformation
{
AccessToken = JWTUtil.CreateToken(appUser.Id, role),
Role = role
});
}
public UserInfo IsAuthorized(HttpRequest request, string[] roles)
{
var token = request.Headers["Authorization"];
var claims = JWTUtil.VerifyToken(token).Claims;
UserInfo userInfo = new UserInfo
{
Id = int.Parse(claims.Where(x => x.Type == ClaimTypes.Name).FirstOrDefault().Value),
Role = claims.Where(x => x.Type == ClaimTypes.Role).FirstOrDefault().Value
};
if (!roles.Contains(userInfo.Role))
{
throw new InvalidTokenException("Invalid role");
}
return(userInfo);
}
