public async Task Invoke(HttpContext context) { bool sessionConfirmed = true; string clientId = string.Empty; try { clientId = context.User?.Identity?.Name; var token = context.User?.Identity?.GetToken(); if (!string.IsNullOrEmpty(token) && _checkMethods.Contains(context.Request.Method, StringComparer.InvariantCultureIgnoreCase) && !_sessionCheckSettings.SkipPaths.Any(x => context.Request.Path.StartsWithSegments(x, StringComparison.InvariantCultureIgnoreCase))) { sessionConfirmed = context.User?.Identity?.IsSessionConfirmed() ?? false; if (!sessionConfirmed && !string.IsNullOrEmpty(token)) { var session = await _clientSessionsClient.GetAsync(token); sessionConfirmed = session.IsSessionConfirmed || session.Registered <= _sessionCheckSettings.AutoconfirmedDate; if (sessionConfirmed) { await _lykkePrincipal.SetSessionConfirmedAsync(); } } } } catch (Exception ex) { _log.WriteError(nameof(CheckSessionMiddleware), clientId, ex); } if (sessionConfirmed) { await _next.Invoke(context); } else { context.Response.StatusCode = 403; } }