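/// <summary>
/// Middleware step that requires an active access token on every request except
/// the login endpoint and the Swagger UI/API endpoints, then passes the request on.
/// </summary>
/// <param name="context">The current HTTP request/response pair.</param>
/// <param name="callContext">Per-request context that receives the id of the authenticated user.</param>
/// <param name="tokenStore">Store queried for token activity and token-to-user lookup.</param>
/// <param name="logger">Logger supplied with the other arguments; not used by this method.</param>
/// <returns>A task that completes once the request was rejected or the rest of the pipeline has run.</returns>
public async Task Invoke(HttpContext context, CallContext callContext, AuthTokenStore tokenStore, ILogger<ExceptionFilter> logger)
{
    // The exempt endpoints are matched as whole leading path segments. A substring
    // test on the raw path would also exempt any other route whose URL merely
    // contains one of these strings, and it dereferences Path.Value, which is null
    // for an empty path. StartsWithSegments compares case-insensitively and
    // tolerates an empty path.
    // NOTE(review): assumes these routes are rooted at the application's path base - confirm.
    var requestPath = context.Request.Path;
    var isAnonymousEndpoint =
        requestPath.StartsWithSegments("/api/user-management/users/login")
        || requestPath.StartsWithSegments("/swagger/ui")
        || requestPath.StartsWithSegments("/swagger/api");

    if (!isAnonymousEndpoint)
    {
        // Header names are case-insensitive (and arrive lower-cased over HTTP/2), so
        // use the dictionary indexer instead of comparing keys with ==.
        string tokenValue = context.Request.Headers["AccessToken"];
        if (string.IsNullOrWhiteSpace(tokenValue))
        {
            await NotAuthorized(context, "Missing authorization token in request");
            return;
        }

        if (!tokenStore.IsTokenActive(tokenValue))
        {
            // Drop the inactive token from the store before rejecting the request.
            // NOTE(review): what GetToken returns for a value the store has never seen
            // is not visible here - confirm RemoveToken tolerates that result.
            var inactiveToken = tokenStore.GetToken(tokenValue);
            tokenStore.RemoveToken(inactiveToken);
            await NotAuthorized(context, "Inactive authorization token");
            return;
        }

        // Bind the authenticated user to the call context for the rest of the pipeline.
        callContext.SetUserId(tokenStore.GetUserByToken(tokenValue));
    }

    await next.Invoke(context);
}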
/// <summary>
/// Creates the handler and stores each supplied collaborator in the field of the same name.
/// </summary>
/// <param name="repository">User repository.</param>
/// <param name="hashingService">Password hashing service.</param>
/// <param name="userSearcher">User lookup service.</param>
/// <param name="tokenFactory">Factory that creates access tokens.</param>
/// <param name="authTokenStore">Store that holds issued access tokens.</param>
/// <param name="userFactory">Factory that creates user instances.</param>
public UserCommandHandler(
    UserRepository repository,
    IHashingService hashingService,
    IUserSearcher userSearcher,
    ITokenFactory tokenFactory,
    AuthTokenStore authTokenStore,
    IUserFactory userFactory)
{
    // One deconstructing assignment; values are assigned left to right, as in the statement-per-field form.
    (this.repository, this.hashingService, this.userSearcher, this.tokenFactory, this.authTokenStore, this.userFactory) =
        (repository, hashingService, userSearcher, tokenFactory, authTokenStore, userFactory);
}
/// <summary>
/// Checks the password carried by the login command against this user's
/// <c>Password</c> and, when they match, issues an access token for the user.
/// </summary>
/// <param name="loginCommand">Login request; receives the generated token value on success.</param>
/// <param name="hashingService">Service that performs the password comparison.</param>
/// <param name="tokenFactory">Factory that creates the token for this user's <c>Id</c>.</param>
/// <param name="tokenStore">Store in which the new token is registered.</param>
/// <returns>A task that completes once the token has been stored and written to the command.</returns>
/// <exception cref="LoginFailed">Thrown when the passwords do not match.</exception>
public async Task Login(Login loginCommand, IHashingService hashingService, ITokenFactory tokenFactory, AuthTokenStore tokenStore)
{
    // NOTE(review): Password is presumably the stored hash - confirm against the hashing service contract.
    var credentialsAccepted = hashingService.DoPasswordsMatch(loginCommand.Password, Password);
    if (!credentialsAccepted)
    {
        // The message does not say whether the email or the password was wrong.
        throw new LoginFailed("UserManagement", "Email or password do not match. Login failed");
    }

    // Register the token in the store before handing its value back on the command.
    var issuedToken = await tokenFactory.Create(Id);
    tokenStore.AddToken(issuedToken);
    loginCommand.GeneratedToken = issuedToken.Value;
}