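/// <summary>
/// Action filter step that authorises a request by its <c>AccessKey</c> header.
/// The request is short-circuited with <see cref="UnauthorizedResult"/> unless the
/// header is present, the key resolves to a stored record, and today's date lies
/// inside the record's access window.
/// </summary>
/// <param name="context">Context of the action about to run; its <c>Result</c> is set to reject the request.</param>
/// <param name="next">Delegate that continues the pipeline; invoked only when every check passes.</param>
/// <returns>A task that completes when the request has been rejected or the rest of the pipeline has run.</returns>
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    // The AccessKey header (name and value) must be supplied with the request.
    if (!context.HttpContext.Request.Headers.TryGetValue("AccessKey", out var accessKeyHeader))
    {
        context.Result = new UnauthorizedResult();
        return;
    }

    // An empty value can never identify a caller, so reject it without a database round trip.
    // NOTE(review): when the header is sent more than once, the string conversion joins the
    // values with commas; such a request is expected to fail the lookup below.
    if (string.IsNullOrEmpty(accessKeyHeader))
    {
        context.Result = new UnauthorizedResult();
        return;
    }

    AccessKeyRecord record = await AccessKeyQueryHandler.FindRecordAsync(accessKeyHeader).ConfigureAwait(true);

    // FindRecordAsync hands back an unpopulated record when no row matches. IsNullOrEmpty
    // (rather than Equals on the property) keeps an unset key a 401 instead of a
    // NullReferenceException surfacing as a server error.
    if (record == null || string.IsNullOrEmpty(record.StoreAccessKey))
    {
        context.Result = new UnauthorizedResult();
        return;
    }

    // DateTime.Today is midnight of the current day in the server's local time zone.
    DateTime today = DateTime.Today;

    // Access has not started yet.
    if (today < record.UserStartDate)
    {
        context.Result = new UnauthorizedResult();
        return;
    }

    // Access has expired. The original repeated the start-date test here, so
    // UserEndDate was never enforced and an expired key kept working.
    // NOTE(review): the end date is treated as inclusive (the key is valid on its last day) - confirm.
    if (today > record.UserEndDate)
    {
        context.Result = new UnauthorizedResult();
        return;
    }

    await next();
}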
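/// <summary>
/// Looks up an access key through the <c>[Store].[ReturnAccessKey]</c> stored procedure
/// and maps the returned columns onto an <see cref="AccessKeyRecord"/>.
/// </summary>
/// <param name="AccessKey">Key value taken from the request; sent as the <c>@AccessKey</c> parameter, never concatenated into SQL.</param>
/// <returns>
/// The populated record, or a freshly constructed, unpopulated record when the procedure
/// returns no rows. If several rows come back, the values of the last row win.
/// </returns>
/// <exception cref="FormatException">
/// Thrown when <c>AccessStartDate</c> or <c>AccessEndDate</c> cannot be parsed, which
/// includes a NULL column (it renders as an empty string).
/// </exception>
public static async Task<AccessKeyRecord> FindRecordAsync(string AccessKey)
{
    AccessKeyRecord record = new AccessKeyRecord();

    using (SqlConnection connection = new SqlConnection(Resources.SqlServerConnectionString))
    {
        // Open asynchronously so the request thread is not blocked while connecting.
        await connection.OpenAsync().ConfigureAwait(false);

        // The command and the reader hold their own resources; the original never disposed them.
        using (SqlCommand command = new SqlCommand()
        {
            Connection = connection,
            CommandType = CommandType.StoredProcedure,
            CommandText = "[Store].[ReturnAccessKey]"
        })
        {
            command.Parameters.AddWithValue("@AccessKey", AccessKey);

            using (SqlDataReader reader = await command.ExecuteReaderAsync().ConfigureAwait(false))
            {
                // ReadAsync returns false straight away on an empty result set,
                // so no separate HasRows test is needed.
                while (await reader.ReadAsync().ConfigureAwait(false))
                {
                    for (int column = 0; column < reader.FieldCount; column++)
                    {
                        // Column names are matched exactly (ordinal, case-sensitive), as before.
                        switch (reader.GetName(column))
                        {
                            case "AccessKey":
                                record.StoreAccessKey = reader[column].ToString();
                                break;
                            case "StoreUsername":
                                record.StoreUsername = reader[column].ToString();
                                break;
                            case "FirstName":
                                record.UserFirstName = reader[column].ToString();
                                break;
                            case "LastName":
                                record.UserLastName = reader[column].ToString();
                                break;
                            case "MiddleName":
                                record.UserMiddleName = reader[column].ToString();
                                break;
                            // NOTE(review): the dates are round-tripped through the current culture's
                            // string format. A NULL date throws here instead of yielding a default
                            // date, so the caller fails with an error rather than authorising on a
                            // missing window; keep that property if this parsing is changed.
                            case "AccessStartDate":
                                record.UserStartDate = DateTime.Parse(reader[column].ToString());
                                break;
                            case "AccessEndDate":
                                record.UserEndDate = DateTime.Parse(reader[column].ToString());
                                break;
                        }
                    }
                }
            }
        }
    }

    return record;
}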