public async Task Invoke(HttpContext context)
{
//get the current ip
var bannedIps = _securitySettings.GetBannedIps();
//is it one of the banned ips?
var ip = WebHelper.GetClientIpAddress();
var blockRequest = bannedIps != null && bannedIps.Any() && bannedIps.Contains(ip);
if (!blockRequest)
{
//is admin area ip restricted?
var adminIps = _securitySettings.GetAdminRestrictedIps();
var isAdminArea = ApplicationEngine.IsAdmin();
if (isAdminArea && adminIps != null && adminIps.Any() && !adminIps.Contains(ip))
{
blockRequest = true;
}
}
//block if required
if (blockRequest)
{
context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
return;
}
await _next(context);
}