/// <summary>
/// Authorizes a request for a feature: anything inside the "Accounts" feature is
/// allowed unconditionally; every other feature requires a non-anonymous session.
/// </summary>
/// <typeparam name="TRequest">Type of the request being authorized.</typeparam>
/// <param name="request">The request being authorized; not inspected by this rule.</param>
/// <param name="feature">The feature the request belongs to.</param>
/// <returns>
/// A completed task holding a successful result, or a failure with the message
/// "Authentication is required" for an anonymous caller outside "Accounts".
/// </returns>
public Task<AuthorizationResult> Evaluate<TRequest>(TRequest request, FeatureInfo feature)
{
    // NOTE(review): everything that IsIn("Accounts") reports as part of that feature is
    // reachable without authentication. Presumably this covers login/registration;
    // confirm that no handler needing an authenticated user lives under it.
    bool authenticationRequired = !feature.IsIn("Accounts");

    // The session is only consulted when the feature is not exempt (short-circuit).
    AuthorizationResult outcome = authenticationRequired && _userSession.IsAnonymous
        ? AuthorizationResult.Fail("Authentication is required")
        : AuthorizationResult.Succeed();

    return Task.FromResult(outcome);
}
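/// <summary>
/// Authorizes a request for a feature. Features inside "Admin" require a
/// non-anonymous session whose user is an administrator; features that implement
/// <c>IMustBeAuthenticated</c> require a non-anonymous session.
/// </summary>
/// <typeparam name="TRequest">Type of the request being authorized.</typeparam>
/// <param name="request">The request being authorized; not inspected by this rule.</param>
/// <param name="feature">The feature the request belongs to.</param>
/// <returns>
/// A failure with "Unauthorized access" when the admin check does not pass, a failure
/// with "Authentication is required" when an anonymous caller reaches a feature that
/// implements <c>IMustBeAuthenticated</c>, otherwise a successful result.
/// </returns>
/// <remarks>
/// A feature that is neither inside "Admin" nor implements <c>IMustBeAuthenticated</c>
/// is allowed for anonymous callers: this rule is default-allow, so protection depends
/// on each feature opting in.
/// </remarks>
public async Task<AuthorizationResult> Evaluate<TRequest>(TRequest request, FeatureInfo feature)
{
    if (feature.IsIn("Admin"))
    {
        // Fail closed. The previous comparison `?.IsAdmin == false` evaluated to false
        // when User() returned null (null == false is false), so a session that was not
        // anonymous but resolved to no user passed the admin gate. `!= true` denies
        // access unless the user exists and IsAdmin is true.
        // IsAnonymous is tested first so User() is never awaited for anonymous sessions.
        if (_userSession.IsAnonymous || (await _userSession.User())?.IsAdmin != true)
        {
            return AuthorizationResult.Fail("Unauthorized access");
        }
    }

    if (feature.Implements<IMustBeAuthenticated>() && _userSession.IsAnonymous)
    {
        return AuthorizationResult.Fail("Authentication is required");
    }

    return AuthorizationResult.Succeed();
}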