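        /// <summary>
        /// Logs a user in with a login/password pair and opens a new session for them.
        /// </summary>
        /// <param name="binding">Login and password supplied by the client (untrusted input).</param>
        /// <param name="gamerSecurityService">Service that stores and verifies the user's password.</param>
        /// <param name="cancellationToken">Request cancellation token, forwarded to the user lookup.</param>
        /// <returns>
        /// 200 with a <see cref="TokenView"/> holding the new session id, the user's guild id and the
        /// effective roles (explicit roles plus the lower-cased rank name, de-duplicated).
        /// </returns>
        /// <exception cref="ApiException">
        /// 401 when the login is unknown or the password does not match. Both cases deliberately
        /// produce the same status so the endpoint cannot be used to enumerate existing logins.
        /// </exception>
        public async Task<IActionResult> Post(
            [FromBody] AuthLoginBinding binding,
            [FromServices] UserSecurityService gamerSecurityService,
            CancellationToken cancellationToken)
        {
            var gamer = await _authorizationRepository.GetUser(binding.Login, cancellationToken);

            // Unknown login: same status and error code as a wrong password (see <exception> above).
            if (gamer is null)
            {
                throw new ApiException(HttpStatusCode.Unauthorized, ErrorCodes.Forbidden, "");
            }

            if (String.IsNullOrEmpty(gamer.Password))
            {
                // First login of an account that has no password yet: the supplied password becomes
                // the account password. NOTE(review): whoever logs in first with a known login claims
                // the account — confirm this is the intended onboarding flow.
                gamerSecurityService.CreatePassword(gamer, binding.Password);
                await _authorizationRepository.SaveUser(gamer);
            }
            else if (!gamerSecurityService.TestPassword(gamer, binding.Password))
            {
                throw new ApiException(HttpStatusCode.Unauthorized, ErrorCodes.Forbidden, "");
            }

            var sessionId = Guid.NewGuid();

            // 60 * 26 is the session lifetime handed to Session; its unit is not visible here
            // (presumably minutes) — confirm against the Session type.
            await _authorizationRepository.SaveSession(new Session(sessionId, gamer.Id, 60 * 26, HttpContext.GetIp()));

            // Effective roles: the user's explicit roles (if any) plus the rank name.
            var roles = new List<String>(gamer.Roles ?? Enumerable.Empty<String>())
            {
                // ToLowerInvariant: the rank name is an identifier, so it must not depend on the
                // server's current culture (ToLower() does).
                gamer.Rank.ToString().ToLowerInvariant()
            };

            return Ok(new TokenView
            {
                Token = sessionId,
                GuildId = gamer.GuildId,
                Roles = roles.Distinct(StringComparer.InvariantCultureIgnoreCase).ToArray()
            });
        }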
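        /// <summary>
        /// Authorization filter: lets the request through when no role is required, or when the
        /// current user holds one of the required roles (an explicit role or the rank name);
        /// otherwise short-circuits the pipeline with a 403 problem response.
        /// </summary>
        /// <param name="context">Filter context of the current request.</param>
        public async Task OnAuthorizationAsync(AuthorizationFilterContext context)
        {
            // CORS preflight is never subject to the role check (HTTP method tokens are case-sensitive,
            // so the comparison is ordinal).
            if (String.Equals(context.HttpContext.Request.Method, HttpMethod.Options.Method, StringComparison.Ordinal))
            {
                return;
            }

            // Nothing required: skip the user lookup entirely.
            if (!_roles.Any())
            {
                return;
            }

            var userId = context.HttpContext.GetUserId();

            // RequestAborted lets a client disconnect cancel the lookup instead of CancellationToken.None.
            var gamer = await _authorizationRepository.GetUser(userId, context.HttpContext.RequestAborted);

            // GetUser can return null (the login endpoint handles that case); previously this fell
            // through to gamer.Roles and surfaced as a NullReferenceException (HTTP 500). Deny explicitly.
            if (gamer is null)
            {
                Deny();
                return;
            }

            // NOTE(review): explicit roles are matched with the collection's own (case-sensitive)
            // Contains, while the rank is matched case-insensitively — confirm the asymmetry is intended.
            if (gamer.Roles != null && _roles.Any(role => gamer.Roles.Contains(role)))
            {
                return;
            }

            var rankName = gamer.Rank.ToString();
            if (_roles.Any(role => rankName.Equals(role, StringComparison.InvariantCultureIgnoreCase)))
            {
                return;
            }

            Deny();

            // Replaces the pending action result with a 403 problem response.
            void Deny()
            {
                context.Result = new ObjectResult(new ProblemDetails
                {
                    Type   = ErrorCodes.Forbidden,
                    Detail = "access denied",
                    Status = (Int32)HttpStatusCode.Forbidden,
                })
                {
                    StatusCode = (Int32)HttpStatusCode.Forbidden
                };
            }
        }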