Пример #1
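        /// <summary>
        /// Middleware-style entry point: every request except the login endpoint and the Swagger
        /// routes must carry an <c>AccessToken</c> header whose token the store reports as active.
        /// Rejected requests are answered through <c>NotAuthorized</c> and never reach the next delegate.
        /// </summary>
        /// <param name="context">The current HTTP request/response pair.</param>
        /// <param name="callContext">Receives the user id resolved from the presented token.</param>
        /// <param name="tokenStore">Store used to validate, look up and remove access tokens.</param>
        /// <param name="logger">Supplied by the caller; not used by this method.</param>
        /// <returns>A task that completes after the request was rejected or the next delegate finished.</returns>
        public async Task Invoke(HttpContext context, CallContext callContext, AuthTokenStore tokenStore, ILogger<ExceptionFilter> logger)
        {
            // Exempt routes are matched as whole leading path segments. A substring test would also
            // exempt any other route whose path merely contains "swagger/ui", "swagger/api" or the
            // login path somewhere inside it, letting that request through without a token.
            // NOTE(review): assumes these routes are rooted at the application base path - confirm.
            var requestPath = context.Request.Path;
            var isAnonymousRoute =
                requestPath.StartsWithSegments("/api/user-management/users/login") ||
                requestPath.StartsWithSegments("/swagger/ui") ||
                requestPath.StartsWithSegments("/swagger/api");

            if (!isAnonymousRoute)
            {
                // HTTP header names are case-insensitive (HTTP/2 sends them in lower case), so use the
                // dictionary lookup instead of comparing enumerated keys with ==. A missing header
                // yields an empty value, which converts to null here.
                string tokenValue = context.Request.Headers["AccessToken"];

                if (string.IsNullOrWhiteSpace(tokenValue))
                {
                    await NotAuthorized(context, "Missing authorization token in request");

                    return;
                }

                if (!tokenStore.IsTokenActive(tokenValue))
                {
                    // Drop the inactive token from the store before rejecting the request.
                    // NOTE(review): what GetToken returns for a value the store has never seen is not
                    // visible here - confirm RemoveToken tolerates it, otherwise this path throws
                    // instead of answering "not authorized".
                    var staleToken = tokenStore.GetToken(tokenValue);
                    tokenStore.RemoveToken(staleToken);
                    await NotAuthorized(context, "Inactive authorization token");

                    return;
                }

                callContext.SetUserId(tokenStore.GetUserByToken(tokenValue));
            }

            await next.Invoke(context);
        }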
Пример #2
 /// <summary>
 /// Creates the handler and keeps a reference to each collaborator it is given.
 /// No validation is performed on the arguments.
 /// </summary>
 public UserCommandHandler(
     UserRepository repository,
     IHashingService hashingService,
     IUserSearcher userSearcher,
     ITokenFactory tokenFactory,
     AuthTokenStore authTokenStore,
     IUserFactory userFactory)
 {
     // Each parameter has the same name as the member it is stored in, hence the "this." qualifier.
     this.userFactory = userFactory;
     this.authTokenStore = authTokenStore;
     this.tokenFactory = tokenFactory;
     this.userSearcher = userSearcher;
     this.hashingService = hashingService;
     this.repository = repository;
 }
Пример #3
        /// <summary>
        /// Checks the password carried by <paramref name="loginCommand"/> against this object's
        /// <c>Password</c>; on success creates a token for <c>Id</c>, adds it to the token store and
        /// writes the token value back to <c>loginCommand.GeneratedToken</c>.
        /// </summary>
        /// <param name="loginCommand">Command holding the submitted password; receives the generated token value.</param>
        /// <param name="hashingService">Service that decides whether the two passwords match.</param>
        /// <param name="tokenFactory">Factory that creates the token for this object's <c>Id</c>.</param>
        /// <param name="tokenStore">Store the new token is added to.</param>
        /// <exception cref="LoginFailed">Thrown when the hashing service reports a mismatch.</exception>
        public async Task Login(Login loginCommand, IHashingService hashingService, ITokenFactory tokenFactory, AuthTokenStore tokenStore)
        {
            // NOTE(review): DoPasswordsMatch is not visible here - confirm it verifies against a salted,
            // slow password hash and compares in constant time.
            var passwordsMatch = hashingService.DoPasswordsMatch(loginCommand.Password, Password);
            if (!passwordsMatch)
            {
                // The message names both email and password, so it does not say which one was wrong.
                throw new LoginFailed("UserManagement", "Email or password do not match. Login failed");
            }

            // A token is created and stored only after the password check has passed.
            var issuedToken = await tokenFactory.Create(Id);
            tokenStore.AddToken(issuedToken);

            loginCommand.GeneratedToken = issuedToken.Value;
        }