public AuthenticationService(
IOptions <AppSettings> appSettings,
hairdressing_project_dbContext context,
IConfiguration configuration
)
{
_appSettings = appSettings.Value;
_context = context;
_configuration = configuration;
}
public UsersController(hairdressing_project_dbContext context,
IAuthenticationService authenticationService,
IAuthorizationService authorizationService,
IEmailService emailService,
IUsersContext usersContext)
{
_context = context;
_authenticationService = authenticationService;
_authorizationService = authorizationService;
_emailService = emailService;
_usersContext = usersContext;
}
/// <summary>
/// Constructor to be added to the dependency injection container
/// </summary>
/// <param name="context">EF's database context</param>
/// <param name="authenticationService">Authentication service for hair styles</param>
public HairStylesContext(hairdressing_project_dbContext context, IAuthenticationService authenticationService)
{
_context = context;
_authenticationService = authenticationService;
}
public FaceShapeLinksController(hairdressing_project_dbContext context, Services.IAuthorizationService authorizationService)
{
_context = context;
_authorizationService = authorizationService;
}
/// <summary>
/// Constructor to be added to the dependency injection container
/// </summary>
/// <param name="context">EF's database context</param>
/// <param name="authenticationService">Authentication service for users</param>
public FaceShapeLinksContext(hairdressing_project_dbContext context, IAuthenticationService authenticationService)
{
_context = context;
_authenticationService = authenticationService;
}
public ColoursController(hairdressing_project_dbContext context, Services.IAuthorizationService authorizationService)
{
_context = context;
_authorizationService = authorizationService;
}
public AuthorizationService(IAuthenticationService authenticationService, hairdressing_project_dbContext context)
{
_authenticationService = authenticationService;
_context = context;
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(
IApplicationBuilder app,
IWebHostEnvironment env,
IAuthenticationService authenticationService,
hairdressing_project_dbContext dbContext
)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/error");
// app.UseHsts();
}
// Forwarded headers
app.UseForwardedHeaders();
// Global CORS
app.UseCors(AllowedOriginsConf);
// app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseMiddleware <LoggingService>();
if (Program.RESTRICT_ACCESS)
{
app.UseWhen(
ctx => !OpenRoutes.Any(r => ctx.Request.Path.Value.Contains(r)),
builder =>
{
builder.Use(async(ctx, next) =>
{
using (var servicesScope = app.ApplicationServices.CreateScope())
{
var services = servicesScope.ServiceProvider;
var _authService = services.GetService <IAuthorizationService>();
string authToken = _authService.GetAuthToken(ctx.Request);
if (authToken != null && authenticationService.ValidateUserToken(authToken))
{
string userId = authenticationService.GetUserIdFromToken(authToken);
if (ulong.TryParse(userId, out ulong id))
{
var _dbCtx = services.GetService <hairdressing_project_dbContext>();
var user = await _dbCtx.Users.FindAsync(id);
if (user != null)
{
if (RestrictedRoutes.Any(r => ctx.Request.Path.Value.Contains(r)))
{
if (ctx.Request.Path.Value.StartsWith("/users") || ctx.Request.Path.Value.StartsWith("/accounts"))
{
var reqId = ctx.Request.Path.Value.Split("/").Last();
if (!string.IsNullOrWhiteSpace(reqId) && reqId != "users")
{
if (ulong.TryParse(reqId, out ulong parsedPathId))
{
if (id != parsedPathId && user.UserRole != "admin")
{
await ReturnErrorMessage(ctx);
return;
}
}
}
else
{
if (user.UserRole != "admin")
{
await ReturnErrorMessage(ctx);
return;
}
}
}
}
await next();
return;
}
}
}
await ReturnErrorMessage(ctx);
return;
}
});
}
);
}
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
