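/// <summary>
/// Request filter: validates the JWT carried in the "token" header and, when this
/// filter was configured with a required role set, checks that the token's role
/// claim shares at least one flag with it. Any failure short-circuits the request
/// with ReturnAuthRequired(); success simply returns and lets the pipeline continue.
/// </summary>
/// <param name="request">Incoming request; only the "token" header is read.</param>
/// <param name="response">Response used to signal an authentication/authorization failure.</param>
/// <param name="requestDto">Not used by this filter.</param>
public override void Execute(IRequest request, IResponse response, object requestDto)
        {
            // JwtTokenUtility.Validate is expected to return null for a missing, malformed,
            // expired or badly-signed token; every one of those is "not authenticated".
            var claims = JwtTokenUtility.Validate(request.GetHeader("token"));
            if (claims == null)
            {
                response.ReturnAuthRequired();
                return;
            }

            // Role.None means "any authenticated caller": no role claim is required.
            if (_roles == Role.None)
            {
                return;
            }

            // Fail closed on a token that carries no role claim, or one that does not
            // parse as a Role. The previous code dereferenced FindFirst(...) without a
            // null check and used Enum.Parse, so such a token produced an unhandled
            // exception (surfacing as a server error) instead of an auth challenge.
            var roleClaim = claims.FindFirst(ClaimTypes.Role);
            Role role;
            if (roleClaim == null || !Enum.TryParse(roleClaim.Value, out role))
            {
                response.ReturnAuthRequired();
                return;
            }

            // Role is used as a flags enum: the caller is authorized when the token's
            // role overlaps the required set. Enum.TryParse also accepts numeric strings
            // ("7") and comma lists ("User, Admin"); that is tolerable only because the
            // claim comes from a token whose signature was verified above.
            if ((_roles & role) > 0)
            {
                return;
            }

            response.ReturnAuthRequired();
        }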
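        /// <summary>
        /// Login endpoint: looks the user up by username, checks the supplied password
        /// against the stored credential and, on success, returns a signed JWT for that user.
        /// </summary>
        /// <param name="request">Client-supplied credentials; treated as untrusted input.</param>
        /// <returns>A <see cref="LoginResponse"/> whose Result is the issued token.</returns>
        /// <exception cref="HttpError">
        /// NotFound with the same generic message whether the username is unknown or the
        /// password is wrong, so the response body does not reveal which accounts exist.
        /// (A 401 would be the conventional status; it is left as NotFound so existing
        /// clients are not affected.)
        /// </exception>
        public object Post(LoginRequest request)
        {
            var user = _session.Query<User, UsersByUsername>().FirstOrDefault(u => u.Username == request.Username);

            if (user == null)
            {
                throw HttpError.NotFound("Unknown username and password");
            }

            // SECURITY: the stored credential is compared as a plain string, which means
            // passwords appear to be kept in the clear (or at least not as a slow salted
            // hash). They should be stored as PBKDF2/Argon2 hashes and verified with the
            // matching routine; that depends on the stored format and is not changed here.
            // What is fixed here:
            //  * a null/empty stored or supplied password never matches (the previous
            //    string.Equals(null, null) == true accepted a null password for an
            //    account with no password set);
            //  * the comparison is constant-time, so response timing does not leak how
            //    many leading characters of the guess were correct.
            if (!PasswordMatches(user.Password, request.Password))
            {
                throw HttpError.NotFound("Unknown username and password");
            }

            // Issue the token for the stored identity rather than the client-typed string:
            // depending on the index analyzer the lookup above may match case-insensitively,
            // and the token subject should be the canonical username. Every login is issued
            // Role.User; if User carries its own role it is ignored here — TODO confirm that
            // is intended.
            var token = JwtTokenUtility.GenerateToken(user.Username, Role.User);

            return new LoginResponse
            {
                Result = token
            };
        }

        // Constant-time credential comparison that fails closed on a missing value.
        // CryptographicOperations requires .NET Core 2.1+ / .NET Standard 2.1.
        private static bool PasswordMatches(string stored, string supplied)
        {
            if (string.IsNullOrEmpty(stored) || string.IsNullOrEmpty(supplied))
            {
                return false;
            }

            var storedBytes = System.Text.Encoding.UTF8.GetBytes(stored);
            var suppliedBytes = System.Text.Encoding.UTF8.GetBytes(supplied);
            return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedBytes, suppliedBytes);
        }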