public async Task <ActionResult <FamilyTreeDto> > GetFamilyTreeById(int id)
{
var result = await _service.GetFamilyTreeByIdAsync(id);
return(new ObjectResult(new
{
FamilyTreeGet = _mapper.MapToDto <Entity.FamilyTree, FamilyTreeDto>(result)
}));
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.Keys.Contains("auth"))
{
return(AuthenticateResult.Fail("Authorization header is missing"));
}
UserCompleteDto user = null;
try
{
var authHeader = Request.Headers["auth"];
var credentials = JsonConvert.DeserializeObject <AuthenticateUserDto>(authHeader);
User data = await _userService.AuthenticateUserAsync(credentials.Id, credentials.Hash);
user = _mapper.MapToDto <User, UserCompleteDto>(data);
if (Request.Path.ToString().Contains("/familytree/") && Request.Method.Contains("GET") && !Request.Path.ToString().Contains("/concat-valid/"))
{
var partials = Request.Path.ToString().Split('/');
var familyTreeId = Int32.Parse(partials[2]);
Entity.FamilyTree fData = await _familytreeService.GetFamilyTreeByIdAsync(familyTreeId);
if (fData.UserId != credentials.Id && fData.Type != Entity.Enums.FamilyTreeTypesEnum._public)
{
throw new Exception();
}
}
}
catch
{
return(AuthenticateResult.Fail("Invalid Authorization Header"));
}
if (user == null)
{
return(AuthenticateResult.Fail("Authentication failed"));
}
var claims = new[] {
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Nickname),
};
var identity = new ClaimsIdentity(claims, Scheme.Name);
var principal = new ClaimsPrincipal(identity);
// Set authentication ticket -> authentization succesfull
var ticket = new AuthenticationTicket(principal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
