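/// <summary>
/// Builds the token information for an already-authenticated user, deriving the role
/// from which of the Client / Employee / Trainer links is set on the record.
/// </summary>
/// <param name="appUser">The authenticated user record.</param>
/// <returns>A freshly created access token together with the role it was issued for.</returns>
/// <exception cref="InvalidCredentialsException">
/// The user is a client whose calculated status is not <see cref="UserStatus.ACTIVE"/>.
/// The generic message avoids telling the caller that the account exists but is not active.
/// </exception>
/// <exception cref="InvalidOperationException">None of the role links is set on the user.</exception>
private TokenInformation GetToken(AppUser appUser)
{
    string role;
    if (appUser.Client != null)
    {
        // Only ACTIVE client accounts receive a token; the status is computed, not stored.
        UserStatus userStatus = _userStatusService.CalculateUserStatus(appUser);
        if (userStatus != UserStatus.ACTIVE)
        {
            throw new InvalidCredentialsException("Invalid username or password");
        }
        role = "CLIENT";
    }
    else if (appUser.Employee != null)
    {
        role = "EMPLOYEE";
    }
    else if (appUser.Trainer != null)
    {
        role = "TRAINER";
    }
    else
    {
        // A user with no role link is a data-integrity problem rather than a bad credential,
        // so it must not map to InvalidCredentialsException. InvalidOperationException derives
        // from Exception, so any existing catch (Exception) in callers still handles it.
        throw new InvalidOperationException("Invalid user without assigned role");
    }

    return new TokenInformation
    {
        AccessToken = JWTUtil.CreateToken(appUser.Id, role),
        Role = role
    };
}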
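/// <summary>
/// Verifies the token carried in the request's Authorization header and checks that the
/// role inside it is one of <paramref name="roles"/>.
/// </summary>
/// <param name="request">Incoming HTTP request; the raw Authorization header value is passed to <see cref="JWTUtil.VerifyToken"/>.</param>
/// <param name="roles">Allow-list of roles permitted to call the endpoint.</param>
/// <returns>The user id and role read from the verified token's claims.</returns>
/// <exception cref="ArgumentNullException"><paramref name="roles"/> is null.</exception>
/// <exception cref="InvalidTokenException">
/// The token has no name claim, no role claim, a name claim that is not an integer, or a
/// role that is not in <paramref name="roles"/>. Whatever <see cref="JWTUtil.VerifyToken"/>
/// throws for a missing, expired or tampered token is propagated unchanged.
/// </exception>
public UserInfo IsAuthorized(HttpRequest request, string[] roles)
{
    if (roles == null)
    {
        throw new ArgumentNullException(nameof(roles));
    }

    var token = request.Headers["Authorization"];
    var claims = JWTUtil.VerifyToken(token).Claims;

    // A token that verifies but lacks the claims GetToken writes was not issued by this
    // service; reject it explicitly instead of letting FirstOrDefault().Value throw a
    // NullReferenceException that callers would not recognise as an auth failure.
    var nameClaim = claims.FirstOrDefault(x => x.Type == ClaimTypes.Name);
    var roleClaim = claims.FirstOrDefault(x => x.Type == ClaimTypes.Role);
    if (nameClaim == null || roleClaim == null)
    {
        throw new InvalidTokenException("Missing claims");
    }

    // Invariant culture: the id was written by the server, so locale must not affect parsing.
    if (!int.TryParse(nameClaim.Value, NumberStyles.Integer, CultureInfo.InvariantCulture, out int id))
    {
        throw new InvalidTokenException("Invalid user id claim");
    }

    UserInfo userInfo = new UserInfo
    {
        Id = id,
        Role = roleClaim.Value
    };

    // Allow-list semantics: any role not explicitly listed is rejected.
    if (!roles.Contains(userInfo.Role))
    {
        throw new InvalidTokenException("Invalid role");
    }

    return userInfo;
}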