Esempio n. 1
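        /// <summary>
        /// Asks the users API whether the signed-in user has confirmed their skills and, when it
        /// says so, issues the skills-confirmation cookie.
        /// </summary>
        /// <returns>
        /// 200 when the bypass is active or the users API confirms the skills; 401 when the caller
        /// is not authenticated; 204 (with the original message payload) in every other case.
        /// </returns>
        public async Task <IActionResult> GetHasConfirmedSkills()
        {
            // EnableAuthBypass() is defined outside this listing. When it returns true the endpoint
            // answers 200 before any authentication check and without setting the cookie.
            // NOTE(review): confirm the bypass cannot be switched on by production configuration.
            if (EnableAuthBypass())
            {
                return Ok();
            }

            // A missing identity is treated the same as an unauthenticated one instead of
            // dereferencing null.
            if (User.Identity?.IsAuthenticated != true)
            {
                return new UnauthorizedResult();
            }

            UserProfile profile = User.GetUserProfile();

            ApiResponse <User> apiResponse = await _usersApiClient.GetUserByUserId(profile.Id);

            // Guard against a 200 response that carries no content: that now falls through to the
            // "could not verify" branch rather than throwing.
            bool skillsConfirmed = apiResponse.StatusCode == HttpStatusCode.OK
                                   && apiResponse.Content != null
                                   && apiResponse.Content.HasConfirmedSkills;

            if (!skillsConfirmed)
            {
                // NOTE(review): 204 No Content is not supposed to carry a body; confirm how the
                // host handles the string payload before relying on the message reaching the client.
                return StatusCode(204, "Could not verify that user has confirmed skills");
            }

            // NOTE(review): the cookie value is the constant "true" and is not signed or bound to
            // the user. Any component that only checks for the cookie's presence is trusting a
            // value the client can supply itself, so it should be treated as a cache hint and not
            // as proof of confirmation. SameSite is left at the framework default here.
            CookieOptions option = new CookieOptions
            {
                Expires  = DateTime.Now.AddDays(1),
                Secure   = true,
                HttpOnly = true
            };
            Response.Cookies.Append(UserConstants.SkillsConfirmationCookieName, "true", option);
            return Ok();
        }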
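        /// <summary>
        /// Middleware step that blocks authenticated requests which require confirmed skills until
        /// the users API reports that the user has confirmed them.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        /// <remarks>
        /// On a failed lookup the upstream status code is copied to the response; when the user has
        /// not confirmed skills the response is 451. In both cases the pipeline is short-circuited.
        /// </remarks>
        public async Task InvokeAsync(HttpContext context)
        {
            if (context.User.Identity.IsAuthenticated)
            {
                // NOTE(review): only the presence of the cookie is tested, not its value, and the
                // cookie is written below as the unsigned constant "true". A client that sends a
                // cookie with this name skips the users API lookup entirely; if confirmation is a
                // real authorization requirement it needs a server-side or integrity-protected check.
                bool haveCookieForConfirmedSkills = context.Request.Cookies.ContainsKey(UserConstants.SkillsConfirmationCookieName);

                if (!haveCookieForConfirmedSkills && DoesRequestRequireSkills(context.Request))
                {
                    IUsersApiClient usersApiClient = context.RequestServices.GetService <IUsersApiClient>();

                    UserProfile profile = context.User.GetUserProfile();

                    ApiResponse <User> apiResponse = await usersApiClient.GetUserByUserId(profile.Id);

                    if (apiResponse.StatusCode != HttpStatusCode.OK)
                    {
                        context.Response.StatusCode = (int)apiResponse.StatusCode;
                        // Awaited instead of blocked with .Wait(): blocking on the write ties up a
                        // thread-pool thread inside an async method.
                        await context.Response.WriteAsync("Could not verify that user has confirmed skills");
                        return;
                    }

                    if (!apiResponse.Content.HasConfirmedSkills)
                    {
                        context.Response.StatusCode = 451;
                        await context.Response.WriteAsync("User has not confirmed skills");
                        return;
                    }

                    // Cache the positive result for one day so later requests skip the lookup.
                    CookieOptions option = new CookieOptions
                    {
                        Expires  = DateTime.Now.AddDays(1),
                        Secure   = true,
                        HttpOnly = true
                    };
                    context.Response.Cookies.Append(UserConstants.SkillsConfirmationCookieName, "true", option);
                }
            }

            await _next(context);
        }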
Esempio n. 3
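        /// <summary>
        /// Middleware step that redirects authenticated users to the skills-confirmation page when
        /// the users API cannot confirm that they have confirmed their skills.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        public async Task InvokeAsync(HttpContext context)
        {
            // NOTE(review): only the presence of the cookie is tested. The cookie is not set in this
            // method, and nothing here verifies its value or origin, so a client-supplied cookie
            // with this name skips the lookup below.
            bool hasConfirmedSkills = context.Request.Cookies.ContainsKey(UserConstants.SkillsConfirmationCookieName);

            if (context.User.Identity.IsAuthenticated)
            {
                // Ordinal comparison: a culture-sensitive match can treat ignorable Unicode
                // characters as absent, which is not wanted for a routing/security decision.
                // NOTE(review): this is still a substring match over the whole path, so any path
                // that merely contains "confirmSkills" is exempt from the check; an exact route
                // comparison would be tighter.
                string requestPath = context.Request.Path.Value ?? string.Empty;
                bool isConfirmationRequest = requestPath.Contains("confirmSkills", StringComparison.OrdinalIgnoreCase);

                if (!hasConfirmedSkills && !isConfirmationRequest)
                {
                    IUsersApiClient usersApiClient = context.RequestServices.GetService <IUsersApiClient>();

                    UserProfile profile = context.User.GetUserProfile();

                    ApiResponse <User> apiResponse = await usersApiClient.GetUserByUserId(profile.Id);

                    if (apiResponse.StatusCode != HttpStatusCode.OK || !apiResponse.Content.HasConfirmedSkills)
                    {
                        // NOTE(review): permanent: true is kept from the original; a permanent
                        // redirect may be cached by the browser and keep firing after the user has
                        // confirmed skills. Confirm a temporary redirect is not what is intended.
                        context.Response.Redirect("/users/confirmskills", true);

                        // Stop here. Without this return the rest of the pipeline still ran for the
                        // original request, so the gated endpoint executed despite the redirect.
                        return;
                    }
                }
            }

            await _next(context);
        }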