private int expiresInMinutes = 5 * 60; //5 hrs
public UserService(IUserRepository userRepository,
ITenantRepository tenantRepository,
ITenantContext tenantContext)
{
_userRepository = userRepository;
_tenantRepository = tenantRepository;
_tenant = tenantContext.GetTenant();
}
protected override DbConnection CreateConnection(string conString)
{
//modify database name here
var tenant = _tenantContext.GetTenant();
var builder = new SqlConnectionStringBuilder(conString)
{
InitialCatalog = tenant.DatabaseName
};
conString = builder.ConnectionString;
return(base.CreateConnection(conString));
}
private async Task <bool> AuthorizeAsync(IPrincipal user, string scope)
{
//validate user and its scope from database or cache
var tenant = _tenantContext.GetTenant();
var cacheKey = $"SCOPES_{tenant.TenantID}_{user.Identity.Name}".Trim().ToUpper();
var scopes = await _cache.GetOrCreateAsync(cacheKey, async entry =>
{
entry.AbsoluteExpiration = DateTimeOffset.UtcNow.AddMinutes(20);
//get all scopes of a user from database if it doesn't exists in cache.
return(await _userService.GetScopesAsync(user.Identity.Name));
});
var authorized = scopes.Any(o => o == scope);
return(await Task.FromResult(authorized));
}