public async Task Invoke(HttpContext context)
{
bool sessionConfirmed = true;
string clientId = string.Empty;
try
{
clientId = context.User?.Identity?.Name;
var token = context.User?.Identity?.GetToken();
if (!string.IsNullOrEmpty(token) && _checkMethods.Contains(context.Request.Method, StringComparer.InvariantCultureIgnoreCase) &&
!_sessionCheckSettings.SkipPaths.Any(x => context.Request.Path.StartsWithSegments(x, StringComparison.InvariantCultureIgnoreCase)))
{
sessionConfirmed = context.User?.Identity?.IsSessionConfirmed() ?? false;
if (!sessionConfirmed && !string.IsNullOrEmpty(token))
{
var session = await _clientSessionsClient.GetAsync(token);
sessionConfirmed = session.IsSessionConfirmed ||
session.Registered <= _sessionCheckSettings.AutoconfirmedDate;
if (sessionConfirmed)
{
await _lykkePrincipal.SetSessionConfirmedAsync();
}
}
}
}
catch (Exception ex)
{
_log.WriteError(nameof(CheckSessionMiddleware), clientId, ex);
}
if (sessionConfirmed)
{
await _next.Invoke(context);
}
else
{
context.Response.StatusCode = 403;
}
}
