public Task <AuthorizationResult> Evaluate <TRequest>(TRequest request, FeatureInfo feature)
{
if (feature.IsIn("Accounts"))
{
return(Task.FromResult(AuthorizationResult.Succeed()));
}
if (_userSession.IsAnonymous)
{
return(Task.FromResult(AuthorizationResult.Fail("Authentication is required")));
}
return(Task.FromResult(AuthorizationResult.Succeed()));
}
public async Task <AuthorizationResult> Evaluate <TRequest>(TRequest request, FeatureInfo feature)
{
if (feature.IsIn("Admin"))
{
if (_userSession.IsAnonymous || (await _userSession.User())?.IsAdmin == false)
{
return(AuthorizationResult.Fail("Unauthorized access"));
}
}
if (feature.Implements <IMustBeAuthenticated>() && _userSession.IsAnonymous)
{
return(AuthorizationResult.Fail("Authentication is required"));
}
return(AuthorizationResult.Succeed());
}
