public DocumentController(DocumentService service,
PermissionService permission,
CurrentAuth auth)
{
_service = service;
_permission = permission;
_user = auth.TryGet <UserAuth>();
}
public void Authenticate(CurrentAuth auth, UserCredentialsDto credentials)
{
var user = Repository.FindByEmail(credentials.Email.ToLower());
if (user == null || user.Password != credentials.Password)
{
throw new ValidationFieldException(nameof(credentials.Password), "Nome ou senha incorretos!");
}
if (!user.Active)
{
throw new ValidationFieldException(nameof(credentials.Email), "Sua conta está desativada!");
}
_userAuthProvider.Load(user, auth);
}
public CurrentAuth Get(Guid guid)
{
CurrentAuth auth;
lock (_auths) {
_auths.TryGetValue(guid, out auth);
if (auth == null)
{
_auths[guid] = auth = new CurrentAuth(guid);
}
}
auth.LastAction = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
return(auth);
}
public async Task Invoke(HttpContext context, CurrentAuth holder)
{
context.Items[AuthorizationMiddlewareInvokedWithEndpointKey] = AuthorizationMiddlewareWithEndpointInvokedValue;
var endpoint = context.GetEndpoint();
if (endpoint == null)
{
await _next(context);
return;
}
var authorizeData = endpoint.Metadata.GetOrderedMetadata <IAuthorizeData>() ?? Array.Empty <IAuthorizeData>();
if (endpoint.Metadata.GetMetadata <IAllowAnonymous>() != null)
{
await _next(context);
return;
}
if (authorizeData.Any())
{
if (!holder.Authenticated)
{
context.Response.Redirect("/Auth/Login");
return;
}
var auth = holder.TryGet <IAuth>();
if (authorizeData.Any(data => data.Roles != null && !auth.HasRole(data.Roles)))
{
await context.Response.WriteAsync("fail");
return;
}
}
await _next(context);
}
public void Load(User user, CurrentAuth auth)
{
auth.Set(ToAuth(user), this);
}
public AuthController(UserService service, CurrentAuth auth)
{
_service = service;
_auth = auth;
}
