/// <summary>
        /// Serves a dashboard request: resolves the dispatcher for the request path,
        /// runs every configured authorization filter, and dispatches only when all
        /// of them allow the request.
        /// </summary>
        /// <param name="httpContext">The current HTTP context.</param>
        /// <returns>
        /// The task of the next middleware when no dashboard route matches, a completed
        /// task when a filter denies the request, otherwise the dispatcher's task.
        /// </returns>
        public Task Invoke(HttpContext httpContext)
        {
            var dashboardContext = new AspNetCoreDashboardContext(_storage, _options, httpContext);
            var match = _routes.FindDispatcher(httpContext.Request.Path.Value);

            // No dashboard route for this path: hand the request to the rest of the pipeline.
            if (match == null)
            {
                return _next.Invoke(httpContext);
            }

            // ReSharper disable once LoopCanBeConvertedToQuery
            foreach (var filter in _options.Authorization)
            {
                if (filter.Authorize(dashboardContext))
                {
                    continue;
                }

                // First denial wins and nothing is dispatched. Authenticated callers get 403;
                // callers with no user, no identity or an unauthenticated identity get 401.
                // Only the status code is set, no body is written.
                var signedIn = httpContext.User?.Identity?.IsAuthenticated == true;

                if (signedIn)
                {
                    httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                }
                else
                {
                    httpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                }

                return Task.FromResult(0);
            }

            dashboardContext.UriMatch = match.Item2;

            return match.Item1.Dispatch(dashboardContext);
        }
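        /// <summary>
        /// Serves a dashboard request: resolves the dispatcher for the request path,
        /// runs every configured authorization filter, and dispatches only when all
        /// of them allow the request.
        /// </summary>
        /// <param name="httpContext">The current HTTP context.</param>
        /// <returns>
        /// The task of the next middleware when no dashboard route matches, the task that
        /// writes "403 Forbidden" or a completed task when a filter denies the request,
        /// otherwise the dispatcher's task.
        /// </returns>
        public Task Invoke(HttpContext httpContext)
        {
            var context = new AspNetCoreDashboardContext(_storage, _options, httpContext);
            var findResult = _routes.FindDispatcher(httpContext.Request.Path.Value);

            // No dashboard route for this path: hand the request to the rest of the pipeline.
            if (findResult == null)
            {
                return _next.Invoke(httpContext);
            }

            // ReSharper disable once LoopCanBeConvertedToQuery
            foreach (var filter in _options.Authorization)
            {
                if (filter.Authorize(context))
                {
                    continue;
                }

                // If status code has a non-default value, then it was changed
                // by one of authorization filters. In this case, we should
                // leave everything as is.
                if (!httpContext.Response.HasStarted && httpContext.Response.StatusCode == 200)
                {
                    httpContext.Response.StatusCode = (int) HttpStatusCode.Forbidden;
                    return httpContext.Response.WriteAsync("403 Forbidden");
                }

                // Fix: a denial must always end the request. Previously a filter that
                // denied after setting its own status code (or after the response had
                // started) fell through to the next filter and, finally, to Dispatch,
                // so the dashboard was served despite the failed authorization.
                return Task.FromResult(0);
            }

            context.UriMatch = findResult.Item2;

            return findResult.Item1.Dispatch(context);
        }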
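        /// <summary>
        /// Serves a dashboard request: resolves the dispatcher for the request path,
        /// runs every configured authorization filter, and dispatches only when all
        /// of them allow the request.
        /// </summary>
        /// <param name="httpContext">The current HTTP context.</param>
        /// <returns>
        /// The task of the next middleware when no dashboard route matches, the task that
        /// writes "403 Forbidden" or a completed task when a filter denies the request,
        /// otherwise the dispatcher's task.
        /// </returns>
        public Task Invoke(HttpContext httpContext)
        {
            var context    = new AspNetCoreDashboardContext(_storage, _options, httpContext);
            var findResult = _routes.FindDispatcher(httpContext.Request.Path.Value);

            // No dashboard route for this path: hand the request to the rest of the pipeline.
            if (findResult == null)
            {
                return(_next.Invoke(httpContext));
            }

            // ReSharper disable once LoopCanBeConvertedToQuery
            foreach (var filter in _options.Authorization)
            {
                if (!filter.Authorize(context))
                {
                    // If status code has a non-default value, then it was changed
                    // by one of authorization filters. In this case, we should
                    // leave everything as is.
                    if (!httpContext.Response.HasStarted && httpContext.Response.StatusCode == 200)
                    {
                        httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                        return(httpContext.Response.WriteAsync("403 Forbidden"));
                    }

                    // Fix: stop on every denial. Without this return, a filter that denied
                    // but had already set a status code (or started the response) let the
                    // loop continue and the request reach Dispatch below, i.e. the
                    // dashboard was served after a failed authorization check.
                    return(Task.FromResult(0));
                }
            }

            context.UriMatch = findResult.Item2;

            return(findResult.Item1.Dispatch(context));
        }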
        /// <summary>
        /// Serves a dashboard request. The request is dispatched only after every
        /// synchronous authorization filter, every asynchronous authorization filter
        /// and (unless disabled in the options) the antiforgery validation have passed.
        /// </summary>
        /// <param name="httpContext">The current HTTP context.</param>
        /// <returns>A task that completes when the request has been handled.</returns>
        public async Task Invoke(HttpContext httpContext)
        {
            var dashboardContext = new AspNetCoreDashboardContext(_storage, _options, httpContext);
            var match            = _routes.FindDispatcher(httpContext.Request.Path.Value);

            // No dashboard route for this path: hand the request to the rest of the pipeline.
            if (match == null)
            {
                await _next.Invoke(httpContext);
                return;
            }

            // Synchronous filters run first; the first denial ends the request with the
            // status chosen by GetUnauthorizedStatusCode (defined elsewhere in this class).
            // ReSharper disable once LoopCanBeConvertedToQuery
            foreach (var syncFilter in _options.Authorization)
            {
                if (syncFilter.Authorize(dashboardContext))
                {
                    continue;
                }

                httpContext.Response.StatusCode = GetUnauthorizedStatusCode(httpContext);
                return;
            }

            // Asynchronous filters are awaited one at a time, in order, with the same
            // fail-closed handling.
            foreach (var asyncFilter in _options.AsyncAuthorization)
            {
                var allowed = await asyncFilter.AuthorizeAsync(dashboardContext);

                if (allowed)
                {
                    continue;
                }

                httpContext.Response.StatusCode = GetUnauthorizedStatusCode(httpContext);
                return;
            }

            if (!_options.IgnoreAntiforgeryToken)
            {
                // NOTE(review): when no IAntiforgery service is registered the lookup returns
                // null and the CSRF check is skipped, not failed. Confirm that hosts exposing
                // the dashboard register antiforgery services.
                var csrfValidator = httpContext.RequestServices.GetService <IAntiforgery>();

                if (csrfValidator != null && !await csrfValidator.IsRequestValidAsync(httpContext))
                {
                    // Invalid or missing CSRF token
                    httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
                    return;
                }
            }

            dashboardContext.UriMatch = match.Item2;

            await match.Item1.Dispatch(dashboardContext);
        }
        /// <summary>
        /// Serves a dashboard request: resolves the dispatcher for the request path,
        /// runs every configured authorization filter, and dispatches only when all
        /// of them allow the request.
        /// </summary>
        /// <param name="httpContext">The current HTTP context.</param>
        /// <returns>
        /// The task of the next middleware when no dashboard route matches, the task that
        /// writes "401 Unauthorized" when a filter denies the request, otherwise the
        /// dispatcher's task.
        /// </returns>
        public Task Invoke(HttpContext httpContext)
        {
            var dashboardContext = new AspNetCoreDashboardContext(_storage, _options, httpContext);
            var match            = _routes.FindDispatcher(httpContext.Request.Path.Value);

            // No dashboard route for this path: hand the request to the rest of the pipeline.
            if (match == null)
            {
                return(_next.Invoke(httpContext));
            }

            // ReSharper disable once LoopCanBeConvertedToQuery
            foreach (var filter in _options.Authorization)
            {
                if (filter.Authorize(dashboardContext))
                {
                    continue;
                }

                // First denial ends the request. The answer is always 401, whether or not
                // the caller is already authenticated.
                var response = httpContext.Response;
                response.StatusCode = (int)HttpStatusCode.Unauthorized;
                return(response.WriteAsync("401 Unauthorized"));
            }

            dashboardContext.UriMatch = match.Item2;

            return(match.Item1.Dispatch(dashboardContext));
        }
        /// <summary>
        /// Middleware entry point for the dashboard. Requests whose path has no
        /// dashboard dispatcher go to the next middleware; all others must pass each
        /// authorization filter before being dispatched.
        /// </summary>
        /// <param name="httpContext">The current HTTP context.</param>
        /// <returns>
        /// The next middleware's task, the task that writes the "401 Unauthorized"
        /// body, or the dispatcher's task.
        /// </returns>
        public Task Invoke(HttpContext httpContext)
        {
            var dashboardContext = new AspNetCoreDashboardContext(_storage, _options, httpContext);
            var route = _routes.FindDispatcher(httpContext.Request.Path.Value);

            if (route != null)
            {
                // ReSharper disable once LoopCanBeConvertedToQuery
                foreach (var filter in _options.Authorization)
                {
                    var allowed = filter.Authorize(dashboardContext);

                    if (!allowed)
                    {
                        // Fail closed on the first denial: 401 plus a short text body,
                        // and the dispatcher is never reached.
                        httpContext.Response.StatusCode = (int) HttpStatusCode.Unauthorized;
                        return httpContext.Response.WriteAsync("401 Unauthorized");
                    }
                }

                dashboardContext.UriMatch = route.Item2;

                return route.Item1.Dispatch(dashboardContext);
            }

            // Not a dashboard path.
            return _next.Invoke(httpContext);
        }