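/// <summary>
/// Action filter that gates an article update: the caller must present a token with a
/// subject claim, must be the author of the article named by the <c>slug</c> argument,
/// and must supply at least one field to change. Only then is the action invoked.
/// </summary>
/// <param name="context">Executing context; supplies the principal and the bound action arguments.</param>
/// <param name="next">Delegate that runs the remainder of the pipeline, including the action itself.</param>
/// <remarks>
/// Every rejection goes through <c>InvalidateRequest</c> and then returns immediately.
/// NOTE(review): InvalidateRequest is assumed to set <c>context.Result</c>; its body is not visible here.
/// </remarks>
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    // Authentication: resolve the subject claim once and fail closed when it is absent.
    // The original reported 401 but kept executing, so the next line dereferenced null
    // and the 401 was replaced by an unhandled NullReferenceException.
    var subjectClaim = context.HttpContext.User.Claims
        .FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Sub);
    if (subjectClaim == null)
    {
        InvalidateRequest(context, "Invalid token for request", _logger, 401);
        return;
    }

    String username = subjectClaim.Value;
    String slug = context.ActionArguments["slug"] as String;

    // Authorization: only the article's author may edit it.
    Article article = await _articleService.GetArticle(slug, username);
    if (article == null || article.Author == null)
    {
        // Without an article (or a recorded author) ownership cannot be proven, so reject.
        // NOTE(review): GetArticle may already throw for an unknown slug; confirm in the service.
        InvalidateRequest(context, "Article not found", _logger, 404);
        return;
    }

    if (article.Author.Username != username)
    {
        InvalidateRequest(context, "You are not authorized to edit this article", _logger, 403);
        return;
    }

    // Payload validation: a missing or unbindable body is handled like an empty update
    // rather than being dereferenced.
    context.ActionArguments.TryGetValue("updateArticle", out object holderArgument);
    UpdateArticleHolder updateArticleHolder = holderArgument as UpdateArticleHolder;
    UpdateArticle updateArticle = updateArticleHolder == null ? null : updateArticleHolder.Article;
    if (updateArticle == null
        || (null == updateArticle.Title && null == updateArticle.Description && null == updateArticle.Body))
    {
        InvalidateRequest(context, "Nothing to update", _logger, 422);
        return;
    }

    // All checks passed: hand control to the action. The original returned without
    // calling next, which short-circuits the pipeline so the update never runs.
    await next();
}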
/// <summary>
/// Applies the changes carried in the request body to the article identified by
/// <paramref name="slug"/>, acting as the user named by the token's subject claim.
/// </summary>
/// <param name="slug">Identifier of the article to update.</param>
/// <param name="updateArticleHolder">Request body wrapping the fields to change.</param>
/// <returns>
/// An OK result wrapping the updated article, or whatever <c>HandleException</c>
/// produces when any step throws.
/// </returns>
/// <remarks>
/// NOTE(review): no ownership check is visible in this method. It presumably relies on an
/// action filter and/or on the service to enforce that only the author may edit; confirm
/// that the filter is actually attached to this action.
/// </remarks>
public async Task<IActionResult> UpdateArticle(string slug, [FromBody] UpdateArticleHolder updateArticleHolder)
{
    try
    {
        var subjectClaim = HttpContext.User.Claims
            .FirstOrDefault(claim => claim.Type == JwtRegisteredClaimNames.Sub);

        // Dereferenced without a null check, as before: a token lacking the subject claim
        // (or a null body below) raises NullReferenceException, which the catch block
        // forwards to HandleException.
        string username = subjectClaim.Value;

        Article updated = await _articleService.UpdateArticle(username, slug, updateArticleHolder.Article);

        var payload = new SingleArticleHolder(updated);
        return Ok(payload);
    }
    catch (Exception ex)
    {
        return HandleException(ex, _logger);
    }
}