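        /// <summary>
        /// Translates an exception raised by an action into a JSON <c>ErrorResultInfo</c> body plus an
        /// HTTP status code. Known domain exceptions map to their own error codes; anything else becomes
        /// a generic internal-error response whose text does not reveal the underlying exception.
        /// </summary>
        /// <param name="context">The MVC exception context whose <c>Result</c> and response status are set.</param>
        public override void OnException(ExceptionContext context)
        {
            if (context.Exception is RefreshTokenWrong)
            {
                WriteError(context, new ErrorResultInfo
                {
                    Code   = RequestResult.InvalidRefreshToken.Code.GlobalCode,
                    Errors = new[]
                    {
                        new ErrorInfo
                        {
                            Code    = RequestResult.InvalidRefreshToken.Code.CodeString,
                            Message = RequestResult.InvalidRefreshToken.Code.Message,
                            Field   = "refreshToken"
                        }
                    },
                    Message = RequestResult.InvalidRefreshToken.Code.Message
                }, (int)ResponseResult.BadParameters.Code.HttpCode);
                return;
            }

            if (context.Exception is CredentialWrong)
            {
                WriteError(context, new ErrorResultInfo
                {
                    Code   = RequestResult.InvalidLoginOrPassword.Code.GlobalCode,
                    Errors = new[]
                    {
                        new ErrorInfo
                        {
                            Code    = RequestResult.InvalidLoginOrPassword.Code.CodeString,
                            Message = RequestResult.InvalidLoginOrPassword.Code.Message
                        }
                    },
                    Message = RequestResult.InvalidLoginOrPassword.Code.Message
                }, (int)ResponseResult.BadParameters.Code.HttpCode);
                return;
            }

            if (context.Exception is UserAlreadyExist)
            {
                WriteError(context, new ErrorResultInfo
                {
                    Code   = ResponseResult.UserAlreadyExist.Code.CodeString,
                    Errors = new[]
                    {
                        new ErrorInfo
                        {
                            Code    = ResponseResult.UserAlreadyExist.Code.CodeString,
                            Message = ResponseResult.UserAlreadyExist.Description
                        }
                    }
                }, (int)ResponseResult.UserAlreadyExist.Code.HttpCode);
                return;
            }

            if (context.Exception is PasswordNotSecurity)
            {
                WriteError(context, new ErrorResultInfo
                {
                    Code   = ResponseResult.PasswordNotSecurity.Code.CodeString,
                    Errors = new[]
                    {
                        new ErrorInfo
                        {
                            Code    = ResponseResult.PasswordNotSecurity.Code.CodeString,
                            Message = ResponseResult.PasswordNotSecurity.Description
                        }
                    }
                }, (int)ResponseResult.PasswordNotSecurity.Code.HttpCode);
                return;
            }

            if (context.Exception is AcccountDeactivatedException)
            {
                WriteError(context, new ErrorResultInfo
                {
                    Code   = ResponseResult.AccountDeactivated.Code.CodeString,
                    Errors = new[]
                    {
                        new ErrorInfo
                        {
                            Code    = ResponseResult.AccountDeactivated.Code.CodeString,
                            Message = ResponseResult.AccountDeactivated.Description
                        }
                    }
                }, (int)ResponseResult.AccountDeactivated.Code.HttpCode);
                return;
            }

            // Unclassified exception: do NOT echo context.Exception.Message to the client. Raw exception
            // text can disclose internal paths, connection details or library internals; the exception
            // object itself stays on `context` for server-side logging.
            WriteError(context, new ErrorResultInfo
            {
                Code   = ResponseResult.InternalError.Code.CodeString,
                Errors = new[]
                {
                    new ErrorInfo
                    {
                        Code    = ResponseResult.InternalError.Code.CodeString,
                        // Generic client-facing text; the wording is a placeholder to align with the project's strings.
                        Message = "Internal server error"
                    }
                }
            }, (int)ResponseResult.InternalError.Code.HttpCode);
        }

        /// <summary>
        /// Sets the JSON result and HTTP status code on the exception context. Assigning
        /// <c>Result</c> is what tells the MVC pipeline the exception has been handled.
        /// </summary>
        /// <param name="context">Exception context to short-circuit.</param>
        /// <param name="body">Error payload to serialize as JSON.</param>
        /// <param name="statusCode">HTTP status code to return.</param>
        private static void WriteError(ExceptionContext context, ErrorResultInfo body, int statusCode)
        {
            context.Result = new JsonResult(body);
            context.HttpContext.Response.StatusCode = statusCode;
        }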
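        /// <summary>
        /// Authorizes a request from its <c>Authorization: Bearer</c> header. The header must be present,
        /// the token must pass <c>TokenHelper.CheckAccessToken</c>, yield a payload, and still be present
        /// in the access-token cache. On success the user principal is attached and the requirement
        /// succeeds; every other path fails the requirement.
        /// </summary>
        /// <param name="context">Authorization context; <c>Resource</c> is expected to be an MVC <c>FilterContext</c>.</param>
        /// <param name="requirement">The requirement to succeed or fail.</param>
        /// <returns>A completed task; all work here is synchronous.</returns>
        protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, AuthRequirement requirement)
        {
            // Only MVC requests carry a FilterContext. A null or non-MVC resource has no headers to
            // inspect, so deny instead of dereferencing a null filterContext later on.
            var filterContext = context.Resource as FilterContext;
            if (filterContext == null)
            {
                context.Fail();
                return Task.CompletedTask;
            }

            StringValues headerValues;
            if (!filterContext.HttpContext.Request.Headers.TryGetValue("Authorization", out headerValues))
            {
                context.Fail();
                WriteUnauthorized(filterContext, new ErrorResultInfo
                {
                    Code   = ResponseResult.NotAuthorized.Code.GlobalCode,
                    Errors = new[]
                    {
                        new ErrorInfo
                        {
                            Code    = ResponseResult.NotAuthorized.Code.CodeString,
                            Message = ResponseResult.NotAuthorized.Description,
                            Field   = ResponseResult.NotAuthorized.Field
                        }
                    }
                });
                return Task.CompletedTask;
            }

            // The scheme is only meaningful as a prefix; a JWT cannot contain "Bearer " anywhere else,
            // so stripping it from the middle of the value (as IndexOf/Remove did) only masked malformed input.
            var cleanToken = StripBearerScheme(headerValues.FirstOrDefault() ?? string.Empty);

            // Token validity check. Fail explicitly so this path reads like the others (merely not
            // succeeding also denies, but an explicit Fail() is unambiguous).
            if (!TokenHelper.CheckAccessToken(cleanToken))
            {
                context.Fail();
                WriteUnauthorized(filterContext, new ErrorResultInfo
                {
                    Code   = ResponseResult.NotAuthorized.Code.CodeString,
                    Errors = new[]
                    {
                        new ErrorInfo
                        {
                            Code    = ResponseResult.NotAuthorized.Code.CodeString,
                            Message = "Wrong access token",
                            Field   = "accessToken"
                        }
                    }
                });
                return Task.CompletedTask;
            }

            var tokenPayload = Bll.Helpers.TokenHelper.GetPayloadByJwtToken<AccessTokenModel>(cleanToken).model;
            if (tokenPayload == null)
            {
                context.Fail();
                return Task.CompletedTask;
            }

            // The token must also be known to the cache. NOTE(review): presumably this is what allows a
            // token to be rejected after issuance (logout/revocation) — confirm against the cache writer.
            var userModel = CacheStoreHelper[CommonConstants.AccessTokenPrefix + cleanToken];
            if (userModel == null)
            {
                context.Fail();
                return Task.CompletedTask;
            }

            var principal = new UserPrincipal(new GenericIdentity(tokenPayload.UserId.ToString()), new string[0])
            {
                UserModel = userModel
            };
            Context.User = principal;

            context.Succeed(requirement);
            return Task.CompletedTask;
        }

        /// <summary>
        /// Removes a leading "Bearer " scheme (scheme names are case-insensitive per the HTTP
        /// authentication framework); any other value is returned unchanged.
        /// </summary>
        /// <param name="headerValue">Raw Authorization header value.</param>
        /// <returns>The bare token.</returns>
        private static string StripBearerScheme(string headerValue)
        {
            const string scheme = "Bearer ";
            return headerValue.StartsWith(scheme, StringComparison.OrdinalIgnoreCase)
                ? headerValue.Substring(scheme.Length)
                : headerValue;
        }

        /// <summary>
        /// Queues a JSON "not authorized" body for the response, serialized with camel-case names.
        /// NOTE(review): the write is deferred to <c>OnStarting</c> exactly as before; confirm it does not
        /// collide with whatever the authentication challenge writes after <c>Fail()</c>.
        /// </summary>
        /// <param name="filterContext">MVC context giving access to the HTTP response.</param>
        /// <param name="body">Error payload to send.</param>
        private static void WriteUnauthorized(FilterContext filterContext, ErrorResultInfo body)
        {
            var response = filterContext.HttpContext.Response;
            var payload  = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(body, new JsonSerializerSettings
            {
                ContractResolver = new CamelCasePropertyNamesContractResolver()
            }));

            response.OnStarting(async () =>
            {
                response.StatusCode  = (int)ResponseResult.NotAuthorized.Code.HttpCode;
                // A media type must not contain spaces; "application / json" is not a valid Content-Type.
                response.ContentType = "application/json";
                await response.Body.WriteAsync(payload, 0, payload.Length);
            });
        }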