public async Task Invoke(HttpContext context)
{
var headers = context.Request.Headers;
var apiSecret = string.Empty;
if (!headers.ContainsKey(API_SECRET_KEY))
{
_logger
.ForContext <AuthorisationMiddleware>()
.Warning("API secret not specified");
}
apiSecret = headers[API_SECRET_KEY];
if (await _customerDataService.IsUserValid(apiSecret))
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.Sid, apiSecret)
};
context.User.AddIdentity(new ClaimsIdentity(claims));
}
else
{
_logger
.ForContext <AuthorisationMiddleware>()
.Warning("API secret was not found in the DB.");
}
await _next(context);
}