public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
if (!(context.ActionArguments.Values.FirstOrDefault(x => x is Update) is Update update))
{
context.Result = new StatusCodeResult(401);
return;
}
var extendedUpdate = userContextProvider.Set(update);
var id = extendedUpdate.Type == UpdateType.CallbackQuery
? extendedUpdate.CallbackQuery.From.Id
: extendedUpdate.RealMessage.From.Id;
telegramUserIdProvider.Set(id);
var dbUser = await loaderProvider
.Get <int, TelegramUser>()
.GetOrLoadAsync(id);
userContextProvider.SetDatabaseUser(dbUser);
var result = await next();
if (result.Exception != null)
{
await telegramUsersNotifier
.SendAsync((client, user) => client
.SendTextMessageAsync(user.Id, result.Exception.ToString()),
TelegramUserStates.Dev);
result.ExceptionHandled = true;
result.HttpContext.Response.StatusCode = 200;
}
}
public override async Task <AuthResult> ExecuteQueryAsync(RefreshSessionQuery query)
{
var now = DateTime.UtcNow;
var token = await hookrRepository
.ReadAsync((context, cancellationToken) => context
.RefreshTokens
.Include(x => x.User)
.FirstOrDefaultAsync(x => !x.Used &&
x.ExpiresAt > now &&
x.Value
.Equals(query.RefreshToken),
cancellationToken), Token);
if (token == null)
{
throw new RefreshTokenNotFoundException();
}
telegramUserIdProvider.Set(token.UserId);
var result = await CreateAndSaveSessionAsync(token.User);
token.Used = true;
await hookrRepository.SaveChangesAsync();
return(result);
}
private async Task <AuthResult> AuthenticateAsync(TelegramUserDto dto)
{
telegramUserIdProvider.Set(dto.Id);
var user = await GetOrCreateTelegramUser(dto);
return(await CreateAndSaveSessionAsync(user));
}
// ReSharper disable once UnusedMember.Global
public async Task InvokeAsync(HttpContext httpContext,
ILogger <JwtReaderMiddleware> logger,
ICacheProvider cacheProvider,
IUserContextAccessor userContextAccessor,
ITelegramUserIdProvider telegramUserIdProvider
)
{
var header = httpContext.Request.Headers["Authorization"]
.FirstOrDefault(x => x.StartsWith(Bearer));
if (string.IsNullOrEmpty(header))
{
await next(httpContext);
return;
}
var readResult = header
.Replace(Bearer, string.Empty)
.Trim()
.Map(new JwtSecurityTokenHandler().ReadJwtToken)
.Map(new JwtPayloadReader().Read);
if (!readResult.Success)
{
httpContext.Response.StatusCode = 401;
return;
}
var payload = readResult.Payload;
telegramUserIdProvider.Set(payload.Id);
var cachedSession = await cacheProvider
.UserLevel <Session>()
.GetAsync();
if (cachedSession == null ||
!cachedSession.Key.Equals(payload.Key) ||
!cachedSession.Id.Equals(payload.Id) ||
!cachedSession.State.Equals(payload.Role))
{
httpContext.Response.StatusCode = 401;
return;
}
logger
.LogInformation("Found valid session for {TelegramUserId} in caches", payload.Id);
userContextAccessor
.SetContext(cachedSession);
await next(httpContext);
}
public Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
telegramUserIdProvider.Set(Grab(context));
return(next());
}
