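/// <summary>
/// Stores the exception in the exception table on a best-effort basis, then writes a
/// generic JSON error body to the response.
/// </summary>
/// <param name="context">Current request context; its response receives the JSON body.</param>
/// <param name="ex">The exception being handled.</param>
/// <param name="dbcontext">Database context used to persist the exception record.</param>
/// <returns>The task returned by writing the JSON body to the response.</returns>
/// <remarks>
/// The response body never contains the exception message or stack trace; those go only
/// to the database record, so internal details are not disclosed to the caller.
/// </remarks>
private static Task HandleExceptionAsync(HttpContext context, Exception ex, WorkFlowPostgreSqlContext dbcontext)
{
    try
    {
        // StackTrace can be null (for example on an exception object that was never thrown).
        // Without this guard the NullReferenceException lands in the catch below and the
        // whole record is silently dropped.
        var stackTrace = ex.StackTrace;

        var record = new T_Exception()
        {
            message = ex.Message.Substring(0, Math.Min(999, ex.Message.Length)),
            stacktrace = stackTrace != null ? stackTrace.Substring(0, Math.Min(999, stackTrace.Length)) : null,
            loglevel = null,
            timestamp = DateTime.Now
        };

        // Flatten the inner-exception chain into one delimited string.
        for (var inner = ex.InnerException; inner != null; inner = inner.InnerException)
        {
            record.innerexceptions += ">>>>>>" + inner.Message;
        }

        // Cap the flattened chain at 1000 characters.
        if (record.innerexceptions != null)
        {
            record.innerexceptions = record.innerexceptions.Substring(0, Math.Min(1000, record.innerexceptions.Length));
        }

        dbcontext.Exceptions.Add(record);
        dbcontext.SaveChanges();
    }
    catch (Exception)
    {
        // Deliberate best effort: a failure to persist the record must not stop the error
        // response from being written.
        // NOTE(review): nothing else records this failure, so a database outage hides every
        // exception; consider a secondary sink (e.g. an ILogger) if one can be made available.
    }

    string error;
    if (context.Response.StatusCode == (int)HttpStatusCode.Unauthorized)
    {
        error = "Login not found!";
    }
    else if (context.Response.StatusCode == (int)HttpStatusCode.Forbidden)
    {
        error = "Permission denied! Forbidden";
    }
    else
    {
        // 500 if unexpected
        error = "Some Error has occurred in API check logs or contact administrator";
        context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
    }

    context.Response.ContentType = "application/json";
    return context.Response.WriteAsync(JsonConvert.SerializeObject(new { error }));
}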
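/// <summary>
/// Writes an informational entry to the exception table.
/// </summary>
/// <param name="dbcontext">Database context the entry is added to and saved through.</param>
/// <param name="logMessage">Message text; only the first 999 characters are stored.</param>
/// <remarks>
/// The text is stored as given (apart from truncation), so callers should not pass
/// credentials, session tokens or other secrets.
/// </remarks>
public static void LogInformation(this WorkFlowPostgreSqlContext dbcontext, string logMessage)
{
    var entry = new T_Exception()
    {
        message = logMessage.Substring(0, Math.Min(999, logMessage.Length)),
        stacktrace = null,
        loglevel = "Information",
        timestamp = DateTime.Now,
        innerexceptions = null
    };

    dbcontext.Exceptions.Add(entry);

    // No catch-and-rethrow here: failures propagate to the caller with their original
    // stack trace intact (a `throw e;` would reset it to this frame).
    dbcontext.SaveChanges();
}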
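/// <summary>
/// Authenticates the request. If an AuthToken header matches a live session, the session's
/// user is attached to the context; the request is then passed on only when it carries
/// HTTP Basic credentials that match an entry in the Authentication table.
/// </summary>
/// <param name="context">Current request context.</param>
/// <param name="_context">Database context for the Authentication, Sessions and CatalogUsers sets.</param>
/// <param name="_logger">Logger for authentication diagnostics; credentials are never written to it.</param>
/// <param name="info">Service used to load the permission codes of the session user.</param>
/// <param name="memoryCache">Cache holding the permission list per user id.</param>
/// <returns>A task that completes when the request has been passed on or rejected with 401.</returns>
public async Task Invoke(HttpContext context, WorkFlowPostgreSqlContext _context, ILogger<AuthenticationMiddleware> _logger, IInformationService info, IMemoryCache memoryCache)
{
    // NOTE(review): the credential list is loaded once and kept in _authentications, so rows
    // changed or revoked afterwards are not picked up until that member is reset. The lazy
    // load is also unsynchronised; confirm how this middleware instance is shared.
    if (_authentications == null)
    {
        _authentications = _context.Authentication.Select(o => new Tuple<string, string>(o.Username, o.Password)).ToList();
    }

    string authHeader = context.Request.Headers["Authorization"];

    // Log only whether the header is present. Its value is base64 of "user:password" and
    // must never reach the logs.
    if (string.IsNullOrEmpty(authHeader))
    {
        _logger.LogError("No Authorization in header");
    }
    else
    {
        _logger.LogDebug("Authorization header present");
    }

    string token = context.Request.Headers["AuthToken"];
    if (!string.IsNullOrEmpty(token))
    {
        // The session is looked up by the raw header value. The token is not base64-decoded
        // first: the decoded value was never used, and decoding client-controlled input
        // only added a way to raise FormatException.
        var token_entity = _context.Sessions.FirstOrDefault(o => o.session_token == token && o.logout_time == null && o.expire_time > DateTime.Now);
        if (token_entity != null)
        {
            var user_entity = _context.CatalogUsers.FirstOrDefault(o => o.ca_bsi_account == token_entity.user_name);

            // A session whose user row no longer exists attaches no user and is not
            // extended, instead of failing with a NullReferenceException.
            if (user_entity != null)
            {
                // NOTE(review): the permission list is cached per user id with no expiry set
                // here, so permission changes may not apply until the entry is evicted.
                AuthUser usr = new AuthUser()
                {
                    UserId = token_entity.user_id,
                    UserName = user_entity.ca_bsi_account,
                    SessionToken = token_entity.session_token,
                    Permissions = (List<string>)memoryCache.GetOrCreate("Permission_" + token_entity.user_id, f =>
                    {
                        var permissions = info.GetPermissionsByUserId(token_entity.user_id).Select(o => o.Code).ToList();
                        return (permissions);
                    })
                };

                // Sliding expiration: each authenticated use pushes the session expiry forward.
                token_entity.expire_time = DateTime.Now.AddMinutes(getSessionTimeOut(_context));
                _context.SaveChanges();
                context.User = usr;
            }
        }
    }

    string username;
    string password;
    if (TryReadBasicCredentials(authHeader, out username, out password))
    {
        // NOTE(review): the submitted password is compared with == against o.Password, so the
        // Authentication table appears to hold passwords in directly comparable form. Confirm,
        // and prefer salted password hashes verified with a constant-time comparison.
        if (_authentications.Any(o => o.Item1 == username && o.Item2 == password))
        {
            await _next.Invoke(context);
            return;
        }

        // Record the rejection without the submitted credentials.
        _logger.LogWarning("Basic authentication rejected");
    }

    // Missing, malformed or wrong credentials: challenge the client.
    context.Response.Headers["WWW-Authenticate"] = "Basic";
    context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
}

/// <summary>
/// Extracts the user name and password from an HTTP Basic Authorization header value.
/// </summary>
/// <param name="authHeader">Raw Authorization header value; may be null.</param>
/// <param name="username">Decoded text before the first ':' when parsing succeeds, else null.</param>
/// <param name="password">Decoded text after the first ':' when parsing succeeds, else null.</param>
/// <returns>
/// False when the header is absent, is not a Basic header, is not valid base64 or has no
/// ':' separator; the caller answers those cases with 401 rather than an unhandled exception.
/// </returns>
private static bool TryReadBasicCredentials(string authHeader, out string username, out string password)
{
    username = null;
    password = null;

    // The trailing space is part of the prefix so that a bare "Basic" cannot reach Substring.
    if (authHeader == null || !authHeader.StartsWith("Basic ", StringComparison.OrdinalIgnoreCase))
    {
        return false;
    }

    string decoded;
    try
    {
        string encoded = authHeader.Substring("Basic ".Length).Trim();
        decoded = Encoding.GetEncoding("iso-8859-1").GetString(Convert.FromBase64String(encoded));
    }
    catch (FormatException)
    {
        // The client sent something that is not base64.
        return false;
    }

    int separatorIndex = decoded.IndexOf(':');
    if (separatorIndex < 0)
    {
        return false;
    }

    username = decoded.Substring(0, separatorIndex);
    password = decoded.Substring(separatorIndex + 1);
    return true;
}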