Пример #1
        /// <summary>
        /// Logging middleware entry point: captures path, method, query string and body of the
        /// current request, passes them to <paramref name="service"/> as one line of text, then
        /// continues the pipeline.
        /// </summary>
        /// <param name="httpContext">Context of the request being processed.</param>
        /// <param name="service">Service whose SaveLogData receives the log line.</param>
        public async Task InvokeAsync(HttpContext httpContext, IStudentsDbService service)
        {
            var request = httpContext.Request;

            if (request != null)
            {
                // Buffering makes the body stream seekable so it can be rewound below.
                request.EnableBuffering();

                string bodyStr;
                using (var bodyReader = new StreamReader(request.Body, Encoding.UTF8, true, 1024, true))
                {
                    bodyStr = await bodyReader.ReadToEndAsync();

                    // Rewind so later middleware and model binding can read the body again.
                    request.Body.Position = 0;
                }

                // NOTE(review): the body is stored verbatim. Any credentials or personal data sent
                // in a request body would land in the log store, and embedded newlines can forge
                // extra log lines. Consider redacting sensitive fields and escaping line breaks.
                string log = $"{request.Path} {request.Method} {request.QueryString} {bodyStr}\n";

                service.SaveLogData(log);
            }

            if (_next == null)
            {
                return;
            }

            await _next(httpContext);
        }
Пример #2
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
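        /// <summary>
        /// Builds the HTTP request pipeline: developer exception page (development only),
        /// request logging, an inline gate on the "Index" header, routing, authorization and
        /// controller endpoints.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment, used to detect development mode.</param>
        /// <param name="dbService">Service used by the gate to look up the supplied index.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService dbService)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            app.UseMiddleware<LoggingMiddleware>();

            // NOTE(review): this gate treats the "Index" header as proof of identity. The value is
            // supplied by the client and is an identifier, not a secret, so the check only shows
            // that the caller knows an existing index number. Real authentication (the framework's
            // authentication middleware with a credential) is needed before trusting it.
            // dbService is captured once at startup and shared by every request; confirm its
            // registered lifetime allows that.
            app.Use(async (context, next) =>
            {
                // Single lookup instead of ContainsKey followed by the indexer.
                if (!context.Request.Headers.TryGetValue("Index", out var indexHeader) ||
                    !dbService.IsStudentExists(indexHeader))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    // Fixed mis-encoded Polish text ("Nie poda³eœ indeksu"): "You did not provide an index".
                    await context.Response.WriteAsync("Nie podałeś indeksu");
                    return;
                }
                await next();
            });

            app.UseRouting();  // /api/students/10/grades GET   -->  StudentsController and GetStudents

            app.UseAuthorization();

            app.UseEndpoints(endpoints => // executes the matched action, e.g. GetStudents()
            {
                endpoints.MapControllers();
            });
        }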
Пример #3
        /// <summary>
        /// Enrolls the student described by the request body and returns the resulting enrollment.
        /// </summary>
        /// <param name="request">Student data and the studies to enroll in, bound from the body.</param>
        /// <param name="dbService">Service that performs the enrollment.</param>
        /// <returns>400 when the service returns null; otherwise 200 with the enrollment details.</returns>
        public IActionResult EnrollStudent([FromBody] EnrollStudentRequest request, [FromServices] IStudentsDbService dbService)
        {
            // NOTE(review): request is dereferenced without a null check and no field validation
            // is visible here; confirm validation happens elsewhere (model validation attributes).
            var candidate = new Student
            {
                IndexNumber = request.IndexNumber,
                LastName    = request.LastName,
                FirstName   = request.FirstName,
                BirthDate   = request.BirthDate
            };

            var enrollment = dbService.EnrollStudent(candidate, request.Studies);
            if (enrollment == null)
            {
                return BadRequest();
            }

            return Ok(new EnrollStudentResponse
            {
                Semester     = enrollment.Semester,
                IdStudy      = enrollment.IdStudy,
                StartDate    = enrollment.StartDate,
                IdEnrollment = enrollment.IdEnrollment
            });
        }
Пример #4
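        /// <summary>
        /// Logging middleware entry point: reads method, path, query string and body of the
        /// request, appends them to the "requestLogs" file, then continues the pipeline.
        /// </summary>
        /// <param name="context">Context of the request being processed.</param>
        /// <param name="service">Injected students service; not used by this method.</param>
        public async Task InvokeAsync(HttpContext context, IStudentsDbService service)
        {
            // Buffering makes the body stream seekable so it can be rewound after reading.
            context.Request.EnableBuffering();
            if (context.Request != null)
            {
                string path        = context.Request.Path;
                string method      = context.Request.Method;
                string queryString = context.Request.QueryString.ToString();
                string bodyStr     = "";

                using (var reader = new StreamReader(context.Request.Body, Encoding.UTF8, true, 1024, true))
                {
                    bodyStr = await reader.ReadToEndAsync();

                    // Rewind so later middleware and model binding can read the body again.
                    context.Request.Body.Position = 0;
                }

                // Write to file. FileMode.CreateNew threw IOException on every request after the
                // first because the file already existed; Append creates the file when missing
                // and adds to it otherwise.
                // NOTE(review): the body is written verbatim, so secrets sent in requests end up
                // in this file; the relative path depends on the process working directory, and
                // concurrent requests may contend for the file.
                using (FileStream fs = new FileStream("requestLogs", FileMode.Append))
                {
                    using (BinaryWriter w = new BinaryWriter(fs))
                    {
                        w.Write("Method: " + method);
                        w.Write("Path: " + path);
                        w.Write("Body: " + bodyStr);
                        w.Write("Query: " + queryString);
                    }
                }
            }

            if (_next != null)
            {
                await _next(context);
            }
        }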
Пример #5
        /// <summary>
        /// Generates a new salt, derives the stored password value from the supplied password,
        /// and writes both to the student row whose IndexNumber equals the login.
        /// </summary>
        /// <param name="req">Login (index number) and the new password.</param>
        /// <returns>A fixed confirmation text, or "blad: " followed by the exception text.</returns>
        public string CreatePassword(LoginRequestDto req)
        {
            string indexNumber = req.Login;
            string newSalt     = IStudentsDbService.CreateSalt();
            string storedValue = IStudentsDbService.Create(req.Haslo, newSalt);

            using (SqlConnection con = new SqlConnection(ConnString))
            using (SqlCommand com = new SqlCommand())
            {
                con.Open();
                SqlTransaction trans = con.BeginTransaction();
                com.Connection  = con;
                com.Transaction = trans;
                try
                {
                    // Values are bound as parameters, never concatenated into the SQL text.
                    com.CommandText = "update student set Salt = @salt, Password = @password where IndexNumber = @login";
                    com.Parameters.AddWithValue("login", indexNumber);
                    com.Parameters.AddWithValue("salt", newSalt);
                    com.Parameters.AddWithValue("password", storedValue);
                    com.ExecuteNonQuery();
                    trans.Commit();
                }
                catch (Exception error)
                {
                    trans.Rollback();
                    // NOTE(review): the returned text contains the full exception (type, message,
                    // stack trace). If it reaches an HTTP response it discloses internals; log it
                    // server-side and return a generic message instead.
                    return "blad: " + error;
                }
            }

            // NOTE(review): the affected-row count is ignored, so this confirmation is returned
            // even when no student matched the login. How strong the stored value is depends on
            // IStudentsDbService.Create, which is not visible here.
            return "Ustawiono bezpieczne haslo";
        }
Пример #6
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        /// <summary>
        /// Builds the HTTP request pipeline: developer exception page (development only),
        /// request logging, an inline gate on the "IndexNumber" header, routing, authorization
        /// and controller endpoints.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment, used to detect development mode.</param>
        /// <param name="IstDb">Service used by the gate to look up the supplied index number.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService IstDb)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseMiddleware<LoggingMiddleware>();

            // NOTE(review): the header is a client-supplied identifier, not a secret; knowing any
            // valid index number passes this gate. It is not a substitute for authentication.
            app.Use(async (context, next) =>
            {
                bool accepted = context.Request.Headers.TryGetValue("IndexNumber", out var headerValue)
                                && IstDb.MidIfIndexExist(headerValue.ToString());

                if (accepted)
                {
                    await next();
                    return;
                }

                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                await context.Response.WriteAsync("Error with your key");
            });

            app.UseRouting();

            app.UseAuthorization();

            app.UseEndpoints(endpoints => endpoints.MapControllers());
        }
Пример #7
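        /// <summary>
        /// Generates a new salt, derives the stored password value from the supplied password,
        /// and writes both to the student row whose IndexNumber equals the login.
        /// </summary>
        /// <param name="req">Login (index number) and the new password.</param>
        /// <returns>
        /// true when a student row was updated; false when no row matched or the update failed.
        /// </returns>
        public Boolean CreatePassword(LoginRequest req)
        {
            var id   = req.Login;
            var pass = req.Haslo;

            var salt = IStudentsDbService.CreateSalt();
            var s    = IStudentsDbService.Create(pass, salt);

            using (SqlConnection con = new SqlConnection(ConnString))
            using (SqlCommand com = new SqlCommand())
            {
                con.Open();
                // The transaction is now disposed deterministically together with the connection.
                using (SqlTransaction trans = con.BeginTransaction())
                {
                    com.Connection  = con;
                    com.Transaction = trans;
                    try
                    {
                        // Values are bound as parameters, never concatenated into the SQL text.
                        com.CommandText = "update student set Salt = @salt, Password = @pass where IndexNumber = @id";
                        com.Parameters.AddWithValue("id", id);
                        com.Parameters.AddWithValue("salt", salt);
                        com.Parameters.AddWithValue("pass", s);
                        int affected = com.ExecuteNonQuery();
                        trans.Commit();

                        // Previously true was returned even when no student matched the login,
                        // so callers were told a password had been set when nothing changed.
                        return affected > 0;
                    }
                    catch (Exception ex)
                    {
                        // NOTE(review): console output is easy to lose; prefer the application logger.
                        Console.WriteLine(ex.Message);
                        trans.Rollback();
                        return false;
                    }
                }
            }
        }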
Пример #8
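        /// <summary>
        /// Logging middleware entry point: appends method, path, body and query string of the
        /// request to a text file, calls the database log hook, then continues the pipeline.
        /// </summary>
        /// <param name="context">Context of the request being processed.</param>
        /// <param name="service">Service whose SaveLogData is called after the file write.</param>
        public async Task InvokeAsync(HttpContext context, IStudentsDbService service)
        {
            if (context.Request != null)
            {
                // Without buffering the body stream is forward-only: reading it here left nothing
                // for model binding and later middleware.
                context.Request.EnableBuffering();

                string method  = context.Request.Method;
                string path    = context.Request.Path.ToString();         //  /api/enrollment
                string queryst = context.Request.QueryString.ToString();
                string body    = "";

                // Buffer size 1024; leaveOpen = true so the request body stream is not disposed.
                using (StreamReader reader = new StreamReader(context.Request.Body, Encoding.UTF8, true, 1024, true))
                {
                    body = await reader.ReadToEndAsync();
                }

                // Rewind so the next component reads the body from the start.
                context.Request.Body.Position = 0;

                // NOTE(review): absolute path into a developer's profile; move it to configuration.
                // The body is written verbatim, so secrets sent in requests end up in this file.
                var logfile = @"C:\Users\aysen\Desktop\apbd\tutorials\tut6\tutorial6\tutorial6\requestsLog.txt";

                // using guarantees the file handle is released even when a write throws.
                using (StreamWriter writer = File.AppendText(logfile))
                {
                    writer.WriteLine(method);
                    writer.WriteLine(path);
                    writer.WriteLine(body);
                    writer.WriteLine(queryst);
                    writer.WriteLine("------------------------");
                }

                // or log to database
                service.SaveLogData("data...");
            }

            if (_next != null)        // not the last middleware
            {
                await _next(context); // run the next middleware with the same context
            }
        }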
Пример #9
        /// <summary>
        /// Gate middleware: rejects the request with 401 unless it carries an "Index" header
        /// whose value <paramref name="studentsDbService"/> recognises, then continues the pipeline.
        /// </summary>
        /// <param name="context">Context of the request being processed.</param>
        /// <param name="studentsDbService">Service used to check the supplied index.</param>
        public async Task InvokeAsync(HttpContext context, IStudentsDbService studentsDbService)
        {
            // NOTE(review): the header value is a client-supplied identifier, not a credential;
            // this check identifies a student but does not authenticate the caller.
            if (!context.Request.Headers.TryGetValue("Index", out var headerValue))
            {
                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                await context.Response.WriteAsync("No Index number entered");
                return;
            }

            string index = headerValue.ToString();
            bool known = studentsDbService.CheckIfStudentExists(index);
            if (!known)
            {
                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                await context.Response.WriteAsync("Unauthorized access");
                return;
            }

            if (_next == null)
            {
                return;
            }

            await _next(context);
        }
Пример #10
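        /// <summary>
        /// Logging middleware entry point: appends path, query string, method and body of the
        /// request to a text file, then continues the pipeline.
        /// </summary>
        /// <param name="httpContext">Context of the request being processed.</param>
        /// <param name="service">Injected students service; not used by this method.</param>
        public async Task InvokeAsync(HttpContext httpContext, IStudentsDbService service)
        {
            // Buffering makes the body stream seekable so it can be rewound after reading.
            httpContext.Request.EnableBuffering();

            if (httpContext.Request != null)
            {
                string sciezka     = httpContext.Request.Path; //"weatherforecast/cos"
                string querystring = httpContext.Request.QueryString.ToString();
                string metoda      = httpContext.Request.Method;
                string bodyStr     = "";

                using (StreamReader reader
                           = new StreamReader(httpContext.Request.Body, Encoding.UTF8, true, 1024, true))
                {
                    bodyStr = await reader.ReadToEndAsync();
                }

                // The stream was left at its end, so model binding saw an empty body; rewind it.
                httpContext.Request.Body.Position = 0;

                // NOTE(review): absolute path into a developer's profile; move it to configuration.
                // The body is written verbatim, so secrets sent in requests end up in this file.
                using (System.IO.StreamWriter file =
                           new System.IO.StreamWriter(@"C:\Users\Paulina\Desktop\requestsLog.txt", true))
                {
                    // WriteLine(string) does no formatting, so the original "{0}" separators were
                    // written literally; each field now gets its own line. Request text is never
                    // used as a format string.
                    file.WriteLine("sciezka: " + sciezka);
                    file.WriteLine("querystring: " + querystring);
                    file.WriteLine("metoda: " + metoda);
                    file.WriteLine("bodyStr: " + bodyStr);
                }
            }

            await _next(httpContext);
        }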
Пример #11
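        /// <summary>
        /// Logging middleware entry point: appends method, path, body and query string of the
        /// request to a text file, calls the database log hook, then continues the pipeline.
        /// </summary>
        /// <param name="context">Context of the request being processed.</param>
        /// <param name="service">Service whose SaveLogData is called after the file write.</param>
        public async Task InvokeAsync(HttpContext context, IStudentsDbService service)
        {
            if (context.Request != null)
            {
                // Without buffering the body stream is forward-only: reading it here left nothing
                // for model binding and later middleware.
                context.Request.EnableBuffering();

                string method  = context.Request.Method;
                string path    = context.Request.Path.ToString();
                string queryst = context.Request.QueryString.ToString();
                string body    = "";

                using (StreamReader reader = new StreamReader(context.Request.Body, Encoding.UTF8, true, 1024, true))
                {
                    body = await reader.ReadToEndAsync();
                }

                // Rewind so the next component reads the body from the start.
                context.Request.Body.Position = 0;

                // NOTE(review): absolute path into a developer's profile; move it to configuration.
                // The body is written verbatim, so secrets sent in requests end up in this file.
                var logfile = @"C:\Users\tahas\Desktop\apbd\tutorials\tut6\tutorial6\tutorial6\requestsLog.txt";

                // using guarantees the file handle is released even when a write throws.
                using (StreamWriter writer = File.AppendText(logfile))
                {
                    writer.WriteLine(method);
                    writer.WriteLine(path);
                    writer.WriteLine(body);
                    writer.WriteLine(queryst);
                    writer.WriteLine("------------------------");
                }

                service.SaveLogData("data...");
            }

            if (_next != null)
            {
                await _next(context);
            }
        }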
Пример #12
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        /// <summary>
        /// Builds the HTTP request pipeline: request logging, an inline gate on the "Index"
        /// header, HTTPS redirection, routing, authentication, authorization and controllers.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment; not used by this method.</param>
        /// <param name="service">Service used by the gate to look up the student.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
        {
            app.UseMiddleware<LoggingMiddleware>();

            // NOTE(review): the gate runs before UseHttpsRedirection, so it is evaluated (and the
            // header travels) on plain-HTTP requests too. The header is an identifier, not a
            // secret, and the two messages tell a caller whether a given index exists.
            app.Use(async (context, next) =>
            {
                if (!context.Request.Headers.TryGetValue("Index", out var headerValue))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    await context.Response.WriteAsync("Improper request: Index number is required in the Headers");
                    return;
                }

                var student = service.GetStudent(headerValue.ToString());
                if (student != null)
                {
                    await next();
                    return;
                }

                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                await context.Response.WriteAsync("Improper request: Index number is not in the database");
            });
            app.UseHttpsRedirection();

            app.UseRouting();
            app.UseAuthentication();

            app.UseAuthorization();

            app.UseEndpoints(endpoints => endpoints.MapControllers());
        }
Пример #13
 // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
 /// <summary>
 /// Builds the HTTP request pipeline: developer exception page (development only), an inline
 /// gate on the "Index" header, request logging, routing, authorization and controllers.
 /// </summary>
 /// <param name="app">Application builder the middleware is registered on.</param>
 /// <param name="env">Hosting environment, used to detect development mode.</param>
 /// <param name="dbService">Service used by the gate to look up the supplied index.</param>
 public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService dbService)
 {
     if (env.IsDevelopment())
     {
         app.UseDeveloperExceptionPage();
     }

     // NOTE(review): the gate is registered before LoggingMiddleware, so rejected requests are
     // never logged. 401 for a missing header versus 404 for an unknown index lets a caller
     // probe which index numbers exist; the header is an identifier, not a credential.
     app.Use(async (context, next) =>
     {
         if (!context.Request.Headers.TryGetValue("Index", out var headerValue))
         {
             context.Response.StatusCode = StatusCodes.Status401Unauthorized;
             await context.Response.WriteAsync("Nie podałeś indeksu");
             return;
         }

         string index = headerValue.ToString();
         if (dbService.CheckStudentIndex(index) != null)
         {
             await next();
             return;
         }

         context.Response.StatusCode = StatusCodes.Status404NotFound;
         await context.Response.WriteAsync("Student o podanym numerze indeksu nie istnieje");
     });
     app.UseMiddleware<LoggingMiddleware>();
     app.UseRouting();
     app.UseAuthorization();
     app.UseEndpoints(endpoints => endpoints.MapControllers());
 }
Пример #14
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
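        /// <summary>
        /// Builds the HTTP request pipeline: developer exception page (development only),
        /// request logging, an inline gate on the "Index" header, routing, authorization and
        /// controller endpoints.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment, used to detect development mode.</param>
        /// <param name="ser">Service used by the gate to check the supplied index.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService ser)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            app.UseMiddleware<LoggingMiddleware>();
            app.Use(async (context, next) =>
            {
                if (!context.Request.Headers.ContainsKey("Index"))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    await context.Response.WriteAsync("Nie podano indeksu w naglowku");
                    return;
                }

                var index = context.Request.Headers["Index"].ToString();

                // NOTE(review): the rejection fires when checkStudentIndex returns true, yet the
                // message says the index is NOT in the database. This reads as inverted; confirm
                // what the method returns.
                if (ser.checkStudentIndex(index))
                {
                    context.Response.StatusCode = StatusCodes.Status404NotFound;
                    await context.Response.WriteAsync("Dany index nie znajduje sie w bazie danych");

                    // Stop here. Without this return the request still reached the controllers
                    // after the rejection had been written, so the gate blocked nothing.
                    return;
                }

                await next();
            });
            app.UseRouting();

            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }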
Пример #15
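        /// <summary>
        /// Logging middleware entry point: appends path, query string, method and body of the
        /// request to a text file, then continues the pipeline.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the name is spelled "InovokeAsync". Convention-based middleware
        /// activation looks for Invoke or InvokeAsync, so this method is probably never called.
        /// The name is left as-is because renaming changes the public interface.
        /// </remarks>
        /// <param name="context">Context of the request being processed.</param>
        /// <param name="serv">Injected students service; not used by this method.</param>
        public async Task InovokeAsync(HttpContext context, IStudentsDbService serv)
        {
            if (context.Request != null)
            {
                // Without buffering the body stream is forward-only: reading it here left nothing
                // for model binding and later middleware.
                context.Request.EnableBuffering();

                string path        = context.Request.Path;
                string method      = context.Request.Method;
                string queryString = context.Request.QueryString.ToString();
                string bodyStr     = "";

                using (StreamReader reader = new StreamReader(
                           context.Request.Body, Encoding.UTF8, true, 1024, true))
                {
                    bodyStr = await reader.ReadToEndAsync();
                }

                // Rewind so the next component reads the body from the start.
                context.Request.Body.Position = 0;

                // NOTE(review): absolute path into a developer's profile, and it looks like a
                // directory rather than a file; move it to configuration. The body is written
                // verbatim, so secrets sent in requests end up in this log.
                const string logPath = "C:\\Users\\Nika\\source\\repos\\APBD03\\APBD03";

                // File.AppendText creates the file when it is missing, so the separate
                // Exists/Create step was redundant; using releases the handle on failure too.
                using (StreamWriter sw = File.AppendText(logPath))
                {
                    sw.WriteLine("Path: \n" + path + "; \n Query String: \n" + queryString + ";\n Method: \n" + method + ";\n Body Parameters: \n" + bodyStr);
                }
            }

            await _next(context);
        }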
Пример #16
 /// <summary>
 /// Stores the injected services and the database context in the controller's fields.
 /// </summary>
 /// <param name="dbService">General database service.</param>
 /// <param name="configuration">Application configuration.</param>
 /// <param name="loginService">Login service.</param>
 /// <param name="studentsDbService">Students database service.</param>
 /// <param name="context">Database context.</param>
 public StudentsController(IDbService dbService, IConfiguration configuration, ILoginService loginService, IStudentsDbService studentsDbService, s8346Context context)
 {
     // Plain field assignments; no argument is validated here.
     _dbService = dbService;
     _configuration = configuration;
     _loginService = loginService;
     _studentsDbService = studentsDbService;
     _studentsDbContext = context;
 }
Пример #17
 /// <summary>
 /// Stores the injected services and the database context in the controller's fields.
 /// </summary>
 /// <param name="dbService">General database service.</param>
 /// <param name="configuration">Application configuration.</param>
 /// <param name="loginService">Login service (concrete type, not an interface).</param>
 /// <param name="studentsDbService">Students database service.</param>
 /// <param name="s19048Context">Database context.</param>
 public StudentsController(IDbService dbService, IConfiguration configuration, LoginService loginService, IStudentsDbService studentsDbService, s19048Context s19048Context)
 {
     // Plain field assignments; no argument is validated here.
     _s19048Context = s19048Context;
     _studentsDbService = studentsDbService;
     _loginService = loginService;
     _configuration = configuration;
     _dbService = dbService;
 }
Пример #18
        /// <summary>
        /// Registers the supplied student when its data is complete.
        /// </summary>
        /// <param name="Student">Student data bound from the request.</param>
        /// <param name="isdbs">Service that performs the registration.</param>
        /// <returns>
        /// The result of RegisterStudent, or 400 when IsComplete() reports missing data.
        /// </returns>
        public IActionResult EnrollStudent(Student Student, [FromServices] IStudentsDbService isdbs)
        {
            if (Student.IsComplete())
            {
                return isdbs.RegisterStudent(Student);
            }

            // NOTE(review): "działam" ("I'm working") looks like a leftover debug message.
            return BadRequest("działam");
        }
Пример #19
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        /// <summary>
        /// Builds the HTTP request pipeline: developer exception page (development only),
        /// exception middleware, Swagger and its UI, request logging, an "Index" header gate on
        /// paths containing "secured", HTTPS redirection, routing, authentication, authorization
        /// and controller endpoints.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment, used to detect development mode.</param>
        /// <param name="service">Service used by the gate to look up the student.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            // Error handling
            app.UseMiddleware<ExeptionMiddleware>();

            // NOTE(review): Swagger and its UI are enabled in every environment, not only development.
            app.UseSwagger();
            app.UseSwaggerUI(config => config.SwaggerEndpoint("/swagger/v1/swagger.json", "Students App API"));

            app.UseMiddleware<LoggingMiddleware>();

            // NOTE(review): the branch is chosen by a case-sensitive substring match on the path,
            // so whether a route is gated depends on its spelling rather than on endpoint
            // metadata. The header is an identifier, not a credential, and its value is echoed
            // back in the "not found" response.
            app.UseWhen(
                context => context.Request.Path.ToString().Contains("secured"),
                branch => branch.Use(async (context, next) =>
                {
                    if (!context.Request.Headers.TryGetValue("Index", out var headerValue))
                    {
                        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                        await context.Response.WriteAsync("Index number missing");
                        return;
                    }

                    string index = headerValue.ToString();
                    if (service.GetStudent(index) == null)
                    {
                        context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                        await context.Response.WriteAsync($"User ({index}) not found");
                        return;
                    }

                    await next();
                }));

            app.UseHttpsRedirection();

            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints => endpoints.MapControllers());
        }
Пример #20
 /// <summary>
 /// Creates the handler: the framework arguments go to the base-class constructor and the
 /// students service is stored for later use.
 /// </summary>
 /// <param name="options">Monitor for the authentication scheme options.</param>
 /// <param name="logger">Logger factory passed to the base handler.</param>
 /// <param name="encoder">URL encoder passed to the base handler.</param>
 /// <param name="clock">System clock passed to the base handler.</param>
 /// <param name="service">Students database service kept in <c>_service</c>.</param>
 public BasicAuthHandler(
     IOptionsMonitor<AuthenticationSchemeOptions> options,
     ILoggerFactory logger,
     UrlEncoder encoder,
     ISystemClock clock,
     IStudentsDbService service)
     : base(options, logger, encoder, clock) // base-class constructor call (Java's super(...))
     => _service = service;
Пример #21
 /// <summary>
 /// Creates the handler: the framework arguments go to the base-class constructor and the
 /// students service is stored for later use.
 /// </summary>
 /// <param name="options">Monitor for the authentication scheme options.</param>
 /// <param name="logger">Logger factory passed to the base handler.</param>
 /// <param name="encoder">URL encoder passed to the base handler.</param>
 /// <param name="clock">System clock passed to the base handler.</param>
 /// <param name="service">Students database service kept in <c>_dbService</c>.</param>
 public BasicAuthHandler(
     IOptionsMonitor<AuthenticationSchemeOptions> options,
     ILoggerFactory logger,
     UrlEncoder encoder,
     ISystemClock clock,
     IStudentsDbService service)
     : base(options, logger, encoder, clock)
     => _dbService = service;
Пример #22
        /// <summary>
        /// Enrolls the student from the request body when all required fields are present.
        /// </summary>
        /// <param name="student">Student data bound from the request body.</param>
        /// <param name="dbService">Service that performs the enrollment.</param>
        /// <returns>400 when a required field is null; otherwise the result of enrollStudent.</returns>
        public IActionResult EnrollStudent([FromBody] Student student, [FromServices] IStudentsDbService dbService)
        {
            // NOTE(review): only null is rejected; empty strings and malformed values pass, and
            // student itself is dereferenced without a null check.
            bool missingField = student.FirstName == null
                                || student.LastName == null
                                || student.IndexNumber == null
                                || student.BirthDate == null
                                || student.Studies == null;

            if (missingField)
            {
                return BadRequest();
            }

            return dbService.enrollStudent(student);
        }
Пример #23
 /// <summary>
 /// Creates the handler: the framework arguments go to the base-class constructor and the
 /// students service is stored for later use.
 /// </summary>
 /// <param name="options">Monitor for the authentication scheme options.</param>
 /// <param name="logger">Logger factory; adds the logging mechanism.</param>
 /// <param name="encoder">URL encoder passed to the base handler.</param>
 /// <param name="clock">System clock; time-related.</param>
 /// <param name="studentsDbService">Students database service kept in a field.</param>
 public BasicAuthorizationHandler(
     IOptionsMonitor<AuthenticationSchemeOptions> options,
     ILoggerFactory logger,
     UrlEncoder encoder,
     ISystemClock clock,
     IStudentsDbService studentsDbService)
     : base(options, logger, encoder, clock) // base-class constructor call (Java's super())
     => this.studentsDbService = studentsDbService;
Пример #24
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        /// <summary>
        /// Builds the HTTP request pipeline: developer exception page (development only),
        /// Swagger and its UI, request logging, an "Index" header gate on paths containing
        /// "secret", routing, authentication, authorization and controller endpoints.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment, used to detect development mode.</param>
        /// <param name="service">Service used by the gate to look up the student.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseSwagger();

            app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "Student API V1"));

            app.UseMiddleware<LoggingMiddleware>();

            // NOTE(review): the branch is chosen by a case-sensitive substring match on the path,
            // and the header is an identifier rather than a credential.
            app.UseWhen(
                context => context.Request.Path.ToString().Contains("secret"),
                branch =>
                {
                    branch.Use(async (context, next) =>
                    {
                        if (!context.Request.Headers.TryGetValue("Index", out var headerValue))
                        {
                            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                            await context.Response.WriteAsync("Index number required");
                            return;
                        }

                        string index = headerValue.ToString();

                        // stateless: check in the database whether this index exists
                        // NOTE(review): the call is not awaited. If GetStudentByIndexAsync returns
                        // a Task, as its name suggests, the result is never null, this rejection
                        // never fires, and any header value passes. Await it and test the result.
                        var lookup = service.GetStudentByIndexAsync(index);
                        if (lookup == null)
                        {
                            context.Response.StatusCode = StatusCodes.Status400BadRequest;
                            await context.Response.WriteAsync("Incorrect Index number");
                            return;
                        }

                        await next(); // calls the next middleware
                    });
                });

            app.UseRouting();

            // app.UseAuthorization();

            app.UseAuthentication();

            app.UseAuthorization();

            app.UseEndpoints(endpoints => endpoints.MapControllers());
        }
Пример #25
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
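        /// <summary>
        /// Builds the HTTP request pipeline: developer exception page (development only),
        /// request logging, an inline gate on the "Index" header, routing, authentication,
        /// authorization and controller endpoints.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment, used to detect development mode.</param>
        /// <param name="serv">Service used by the gate to check the supplied index.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService serv)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }
            // from here on
            //app.UseHttpsRedirection();
            app.UseMiddleware<LoggingMiddleware>();

            // NOTE(review): the header is a client-supplied identifier, not a credential. With
            // HTTPS redirection commented out above, it may also travel over plain HTTP.
            app.Use(async (context, next) =>
            {
                if (!context.Request.Headers.ContainsKey("Index"))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    // Fixed mis-encoded Polish text ("nag³ówku"): "No index given in the header".
                    await context.Response.WriteAsync("Nie podano indeksu w nagłówku");
                    return;
                }

                // this first
                // the file produced by the logging middleware should live in the middleware folder
                // or directly in the project directory (not the debug directory); it must be
                // appended to, not re-created
                //var bodyStream = string.Empty;
                //using (var reader = new StreamReader(HttpContext.Request.Body, Encoding.UTF8, true, 1024, true))
                //{
                //    bodyStream = await reader.ReadToEndAsync();
                //}

                //HttpContext.Request.EnableBuffering(); /*(at the beginning)*/

                //    HttpContext.Request.Body.Seek(0, SeekOrigin.Begin);
                //    //(at the end, before await _next...)

                var index = context.Request.Headers["Index"].ToString();

                if (!serv.CheckIndex(index)) // check whether the student exists in the database
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    await context.Response.WriteAsync("Nie ma indeksu w bazie");
                    return;
                }

                await next();
            });

            app.UseRouting();

            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }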
Пример #26
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        /// <summary>
        /// Builds the HTTP request pipeline: developer exception page (development only),
        /// request logging, an inline gate on the "Index" header, routing, authentication,
        /// authorization and controller endpoints.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment, used to detect development mode.</param>
        /// <param name="studentsDbService">Service used by the gate to check the supplied index.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService studentsDbService)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseMiddleware<LoggingMiddleware>();

            /* Checks that the request carries an index. I suspect that one of my middlewares
             * simply does not pass the Body on.
             */
            // NOTE(review): the header is a client-supplied identifier, not a credential. The
            // lookup is named isExistStudies although the message refers to a student; confirm
            // it checks what the gate intends.
            app.Use(async (context, next) =>
            {
                if (!context.Request.Headers.TryGetValue("Index", out var headerValue))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    await context.Response.WriteAsync("Nie podałeś indeksu");
                    return;
                }

                /*
                 * string httpBodyString = "";
                 *
                 * using (StreamReader reader = new StreamReader(context.Request.Body, Encoding.UTF8, true, 1024))
                 * {
                 *  httpBodyString = await reader.ReadToEndAsync();
                 * }
                 */
                string studentIndex = headerValue.ToString();
                bool known = studentsDbService.isExistStudies(studentIndex);
                if (known)
                {
                    // context.Request.Body.Position = 0; //(0);
                    await next();
                    return;
                }

                context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                await context.Response.WriteAsync("Nie istnieje takiego studenta");
            });

            app.UseRouting();
            app.UseAuthentication();
            app.UseAuthorization();

            app.UseEndpoints(endpoints => endpoints.MapControllers());
        }
Пример #27
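        /// <summary>
        /// Verifies the supplied login and password against the Student table and, on success,
        /// issues a 10-minute JWT plus a refresh token that is stored through the service.
        /// </summary>
        /// <param name="request">Login (index number, <c>Eska</c>) and password (<c>Haslo</c>).</param>
        /// <param name="isdbs">Service supplying the stored salt and saving the refresh token.</param>
        /// <returns>400 on a failed credential check; otherwise 200 with token and refreshToken.</returns>
        public IActionResult Login(LoginRequestDto request, [FromServices] IStudentsDbService isdbs)
        {
            var salt  = isdbs.getSalt(request.Eska);
            var passw = HashHandler.CreateHash(request.Haslo, salt);

            // NOTE(review): the connection string is hard-coded; read it from configuration.
            using (var con = new SqlConnection("Data Source=db-mssql;Initial Catalog=s18309;Integrated Security=True"))
            using (var com = new SqlCommand())
            {
                com.Connection  = con;
                // Values are bound as parameters, never concatenated into the SQL text.
                com.CommandText = ("select 1  from Student where IndexNumber = @index AND Password = @Pass");
                com.Parameters.AddWithValue("Pass", passw);
                com.Parameters.AddWithValue("index", request.Eska);

                con.Open();

                // The reader is now disposed deterministically (it was previously left open).
                using (var dr = com.ExecuteReader())
                {
                    if (!dr.Read())
                    {
                        // One message for both failure causes avoids revealing which logins exist.
                        return BadRequest("Wrong login or password");
                    }
                }
            }

            // NOTE(review): every token gets the same identity ("1") and both the "employee" and
            // "student" roles, whoever logged in. Role checks downstream therefore cannot tell
            // users apart; derive the claims from the authenticated account.
            var claims = new[] {
                new Claim(ClaimTypes.NameIdentifier, "1"),
                new Claim(ClaimTypes.Name, "1"),
                new Claim(ClaimTypes.Role, "employee"),
                new Claim(ClaimTypes.Role, "student")
            };

            // NOTE(review): the HMAC signing key is a literal in source. Anyone who can read the
            // code or the binary can mint valid tokens; load it from a secret store or protected
            // configuration and rotate the value committed here.
            var key   = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("DefinietlyNotASecretKeyasd213qwsdeq234123saw"));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            var token = new JwtSecurityToken(
                issuer: "Gakko",
                audience: "Students",
                claims: claims,
                expires: DateTime.Now.AddMinutes(10),
                signingCredentials: creds
                );

            // NOTE(review): a GUID is designed for uniqueness, not unpredictability; a refresh
            // token is a bearer secret and is better drawn from RandomNumberGenerator. No expiry
            // is set on it here.
            var refreshTokenik = Guid.NewGuid();

            isdbs.SetREFRESHTOKEN(request.Eska, refreshTokenik.ToString());
            return Ok(new
            {
                token = new JwtSecurityTokenHandler().WriteToken(token),
                refreshToken = refreshTokenik
            });
        }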
Пример #28
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        /// <summary>
        /// Builds the HTTP request pipeline: developer exception page (development only),
        /// exception middleware, Swagger and its UI, request logging, routing, authorization and
        /// controller endpoints. The "Index" header gate and UseAuthentication are commented out.
        /// </summary>
        /// <param name="app">Application builder the middleware is registered on.</param>
        /// <param name="env">Hosting environment, used to detect development mode.</param>
        /// <param name="service">Students service; referenced only by the disabled gate.</param>
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env,
                              IStudentsDbService service)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseMiddleware<ExceptionMiddleware>();

            // 2. Add documentation - add middleware
            // NOTE(review): Swagger and its UI are enabled in every environment, not only development.
            app.UseSwagger();
            app.UseSwaggerUI(config => config.SwaggerEndpoint("/swagger/v1/swagger.json", "Students App API"));

            // Add LoggingMiddleware
            app.UseMiddleware<LoggingMiddleware>();

            app.UseRouting();

            // disable middleware which checks for index in header

            /*app.Use(async (context, next) =>
             * {
             *  if (!context.Request.Headers.ContainsKey("Index"))
             *  {
             *      context.Response.StatusCode = StatusCodes.Status401Unauthorized;
             *      await context.Response.WriteAsync("Musisz podac numer indeksu");
             *      return;
             *  }
             *  string index = context.Request.Headers["Index"].ToString();
             *  var student = service.GetStudent(index);
             *  if (student == null)
             *  {
             *      context.Response.StatusCode = StatusCodes.Status404NotFound;
             *      await context.Response.WriteAsync("Student o podanym numerze indeksu nie istnieje");
             *      return;
             *  }
             *
             *  await next(); // move on to the next middleware
             * });
             */

            // NOTE(review): UseAuthentication is commented out while UseAuthorization stays, so
            // no authentication middleware is registered in this method. Endpoints marked with
            // [Authorize] cannot be satisfied, and the others are served without any identity
            // check.
            //app.UseAuthentication(); add for basic auth
            app.UseAuthorization();

            app.UseEndpoints(endpoints => endpoints.MapControllers());
        }
Пример #29
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
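        // Builds the request pipeline in registration order: developer exception
        // page (Development only), LoggingMiddleware, the "Index" header gate,
        // HTTPS redirection, routing, authentication, authorization, controllers.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService dbService)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseMiddleware<LoggingMiddleware>();

            // Gate: a request passes only if it carries an "Index" header whose
            // value dbService.CheckIndex accepts; otherwise it is answered with 401.
            // NOTE(review): the header value is a client-supplied identifier, not
            // a credential - any caller that knows a valid index passes this gate.
            // It should not be treated as a replacement for the
            // UseAuthentication()/UseAuthorization() checks registered below.
            app.Use(async (context, next) =>
            {
                // Single lookup instead of ContainsKey followed by the indexer.
                if (!context.Request.Headers.TryGetValue("Index", out var indexValues))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    await context.Response.WriteAsync("No index found");
                    return;
                }

                string index = indexValues.ToString();

                if (!dbService.CheckIndex(index))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    // The original message stopped at "Student with given index";
                    // the sentence is completed here.
                    await context.Response.WriteAsync("Student with given index does not exist");
                    return;
                }

                await next();
            });

            // NOTE(review): HTTPS redirection is registered after the logging
            // middleware and the header gate, so plain-HTTP requests are logged
            // and checked against the database before any redirect is issued -
            // confirm whether the redirect should come first.
            app.UseHttpsRedirection();

            app.UseRouting();

            app.UseAuthentication();

            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }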
Пример #30
        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
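        // Builds the request pipeline in registration order: developer exception
        // page (Development only), HTTPS redirection, LoggingMiddleware, the
        // "Index" header gate, routing, authorization, a second inline middleware,
        // controller endpoints.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IStudentsDbService service)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseHttpsRedirection();

            app.UseMiddleware<LoggingMiddleware>();

            // Gate: reject requests without an "Index" header (401) or whose
            // index the service does not accept (404).
            // NOTE(review): the header value is a client-supplied identifier, not
            // a credential - any caller that knows a valid index passes this gate.
            app.Use(async (context, next) =>
            {
                // Read the header from the REQUEST. The original read
                // context.Response.Headers, which does not contain what the
                // client sent, so the lookup below never saw the caller's index.
                if (!context.Request.Headers.TryGetValue("Index", out var indexValues))
                {
                    context.Response.StatusCode = StatusCodes.Status401Unauthorized;
                    await context.Response.WriteAsync("Student index required.");
                    // Stop here. Without this return the original fell through to
                    // the database check and then either tried to change the
                    // status code after the body had been written or passed the
                    // rejected request on to the rest of the pipeline.
                    return;
                }

                string index = indexValues.ToString();

                // NOTE(review): the name IsStudentNumberUnique suggests it returns
                // true when the number is NOT yet in the database, which would
                // invert this check - confirm against the service implementation.
                var check = service.IsStudentNumberUnique(index);

                if (!check)
                {
                    context.Response.StatusCode = StatusCodes.Status404NotFound;
                    await context.Response.WriteAsync("Student not found.");
                    return;
                }

                await next();
            });

            app.UseRouting();

            app.UseAuthorization();

            // NOTE(review): this middleware creates a new SqlServerDbService for
            // every request, passes it the "Index" entry of the RESPONSE headers
            // and ignores the result, so it has no effect on whether the request
            // proceeds. It is left unchanged because side effects of the call are
            // not visible here; it looks like a candidate for removal.
            app.Use(async (context, next) =>
            {
                IStudentsDbService _dbService = new SqlServerDbService();
                _dbService.IsStudentNumberUnique(context.Response.Headers["Index"].ToString());
                await next();
            });

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers();
            });
        }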