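/// <summary>
/// Authenticates the request before the action runs. Reads the session id
/// from the request, resolves it to a stored session and then to that
/// session's user, and stores the user under the "currentUser" key of
/// <c>HttpContext.Items</c>.
/// </summary>
/// <param name="context">
/// Filter context for the executing action. On failure its <c>Result</c> is set
/// to a 400 (no usable session id) or a 401 (unknown session or missing user),
/// which short-circuits the action.
/// </param>
public override void OnActionExecuting(ActionExecutingContext context)
{
    // Pull the session id out of the request. Guid.Empty is treated as
    // "no usable session id" and rejected as a malformed request.
    ISessionParser sessionParser = new AuthHeaderReader();
    Guid sessionID = sessionParser.GetSessionID(context.HttpContext);
    if (sessionID == Guid.Empty)
    {
        context.Result = new BadRequestResult();
        return;
    }

    Resource res = new Resource();
    IDbClient db = new DbClient(res.GetString("db_base_path"));
    var sessionsPath = res.GetString("db_sessions_path");

    // Unknown session id: fail closed.
    if (!db.Contains<Session, Guid>(sessionsPath, "_id", sessionID))
    {
        context.Result = new UnauthorizedResult();
        return;
    }

    // NOTE(review): Contains followed by FindByField is two separate reads; a
    // session removed in between would still make the [0] index throw. A single
    // lookup with an emptiness check would close that gap, but the return type
    // of FindByField is not visible here.
    Session session = db.FindByField<Session, Guid>(sessionsPath, "_id", sessionID)[0];

    // NOTE(review): only the existence of the session record is checked. No
    // expiry or revocation check is visible in this method; confirm session
    // lifetime is enforced elsewhere.

    // A session whose user record no longer exists must not authenticate.
    // Without this guard the [0] index below throws and the request ends in an
    // unhandled error instead of a clean 401.
    var usersPath = res.GetString("db_users_path");
    if (!db.Contains<User, Guid>(usersPath, "_id", session.UserId))
    {
        context.Result = new UnauthorizedResult();
        return;
    }

    User user = db.FindByField<User, Guid>(usersPath, "_id", session.UserId)[0];
    context.HttpContext.Items.Add("currentUser", user);
}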
/// <summary>
/// A null context argument must be rejected with
/// <see cref="ArgumentNullException"/> rather than being treated as a
/// request without a session.
/// </summary>
public void Test_BadInput()
{
    ISessionParser parser = new AuthHeaderReader();

    // Deferred so the assertion, not the test body, observes the exception.
    Action parseNullContext = () => parser.GetSessionID(null);

    Assert.Throws<ArgumentNullException>(parseNullContext);
}
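/// <summary>
/// A header value that is not a valid GUID ("asf") must yield
/// <see cref="Guid.Empty"/>, so the value never reaches a session lookup
/// as if it were a real id.
/// </summary>
public void Test_InvalidId()
{
    ISessionParser sessionParser = new AuthHeaderReader();
    var mockHttp = new MockHttpHeaders()
        .MockGetHeader(HEADER_KEY, true, "asf");

    Guid sessionID = sessionParser.GetSessionID(mockHttp.Object);

    // Assert.Equal takes the expected value first; the original order swapped
    // the "Expected"/"Actual" labels in the failure message.
    Assert.Equal(Guid.Empty, sessionID);
}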
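/// <summary>
/// A header carrying the string form of a freshly generated GUID must be
/// parsed back to that same GUID.
/// </summary>
public void Test_GoodInput()
{
    Guid id = Guid.NewGuid();
    ISessionParser sessionParser = new AuthHeaderReader();
    var mockHttp = new MockHttpHeaders()
        .MockGetHeader(HEADER_KEY, true, id.ToString());

    Guid sessionID = sessionParser.GetSessionID(mockHttp.Object);

    // Assert.Equal takes the expected value first; the original order swapped
    // the "Expected"/"Actual" labels in the failure message.
    Assert.Equal(id, sessionID);
}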