public IActionResult GetAll()
{
try
{
JwtClaimM jwt_claim = _jwtAuth.GetClaims(Request);
return(Ok(_project.GetAll(jwt_claim.UserId)));
}
catch (Exception e)
{
return(GetError(e));
}
}
public IActionResult Logout(string jwt)
{
try
{
JwtClaimM jwt_claim;
if (string.IsNullOrEmpty(jwt))
{
jwt_claim = _jwtAuth.GetClaims(Request);
}
else
{
jwt_claim = _jwtAuth.GetClaims(jwt);
}
_jwtAuth.RemoveAudience(jwt_claim.AdminUserId, jwt_claim.UserId);
return(Ok("Logout success"));
}
catch (Exception e)
{
return(GetError(e));
}
}
public IActionResult Logout()
{
try
{
JwtClaimM jwt_claim = _jwtAuth.GetClaims(Request);
_jwtAuth.RemoveAudience(jwt_claim.AdminUserId, jwt_claim.UserId);
return(Ok("Logout success"));
}
catch (Exception e)
{
return(GetError(e));
}
}
public void OnAuthorization(AuthorizationFilterContext context)
{
try
{
JwtClaimM jwtClaim = _jwtAuth.GetClaims(context.HttpContext.Request);
if (context.HttpContext.Request.RouteValues.TryGetValue("user_id", out object value))
{
if (Guid.TryParse(value.ToString(), out Guid user_id))
{
if (!jwtClaim.UserId.Equals(user_id))
{
context.Result = new UnauthorizedObjectResult(new HttpResponseError
{
StatusCode = 404,
Detail = new HttpResponseErrorDetail
{
Message = "Unable to find resource!",
InnerMessage = "The 'user id' with value '" + user_id.ToString() + "' is not exist!"
}
});
}
}
else
{
context.Result = new UnauthorizedResult();
}
}
else
{
context.Result = new UnauthorizedResult();
}
}
catch (Exception e)
{
var se = _errorHandler.WriteLog("Error while authorize user!",
e, DateTime.Now, "Server", "Attribute_ApplicationAdminFilter_OnAuthorization");
context.Result = new ObjectResult("")
{
StatusCode = 500,
Value = new ServerExceptionVM
{
Message = se.Message,
TraceId = se.TraceId,
Side = se.Side
}
};
}
}
public void OnAuthorization(AuthorizationFilterContext context)
{
try
{
JwtClaimM jwtClaim = _jwtAuth.GetClaims(context.HttpContext.Request);
if (!jwtClaim.ApplicationRole.Equals(ApplicationRole.Application_Admin))
{
context.Result = new ObjectResult("")
{
StatusCode = 403,
Value = new HttpResponseError
{
StatusCode = 403,
Detail = new HttpResponseErrorDetail
{
Message = "Forbidden!",
InnerMessage = "You do not have permission to do this action"
}
}
};
}
}
catch (Exception e)
{
var se = _errorHandler.WriteLog("Error while authorize user!",
e, DateTime.Now, "Server", "Attribute_ApplicationAdminFilter_OnAuthorization");
context.Result = new ObjectResult("")
{
StatusCode = 500,
Value = new ServerExceptionVM
{
Message = se.Message,
TraceId = se.TraceId,
Side = se.Side
}
};
}
}
