public override void OnActionExecuting(ActionExecutingContext context)
{
// check if session cookie exists and is valid
ISessionParser sessionParser = new AuthHeaderReader();
Guid sessionID;
sessionID = sessionParser.GetSessionID(context.HttpContext);
if (sessionID == Guid.Empty)
{
context.Result = new BadRequestResult();
return;
}
// check if session exists
Resource res = new Resource();
IDbClient db = new DbClient(res.GetString("db_base_path"));
if (db.Contains <Session, Guid>(res.GetString("db_sessions_path"), "_id", sessionID))
{
Session session = db.FindByField <Session, Guid>(res.GetString("db_sessions_path"),
"_id", sessionID)[0];
User user = db.FindByField <User, Guid>(res.GetString("db_users_path"),
"_id", session.UserId)[0];
context.HttpContext.Items.Add("currentUser", user);
return;
}
context.Result = new UnauthorizedResult();
}
public void Test_BadInput()
{
ISessionParser sessionParser = new AuthHeaderReader();
Assert.Throws <ArgumentNullException>(() =>
sessionParser.GetSessionID(null)
);
}
public void Test_InvalidId()
{
ISessionParser sessionParser = new AuthHeaderReader();
var mockHttp = new MockHttpHeaders()
.MockGetHeader(HEADER_KEY, true, "asf");
Guid sessionID = sessionParser.GetSessionID(mockHttp.Object);
Assert.Equal(sessionID, Guid.Empty);
}
public void Test_GoodInput()
{
Guid id = Guid.NewGuid();
ISessionParser sessionParser = new AuthHeaderReader();
var mockHttp = new MockHttpHeaders()
.MockGetHeader(HEADER_KEY, true, id.ToString());
Guid sessionID = sessionParser.GetSessionID(mockHttp.Object);
Assert.Equal(sessionID, id);
}
