Пример #1
0
 public static bool Check(IOwinContext ctx)
 {
     if (ctx.Request.Headers["_Autorize"] != null)
     {
         string[] base_path = ctx.Request.PathBase.ToString().Split(new char[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
         if (base_path.Length < 2)
         {
             return(false);
         }
         string jwt = ctx.Request.Headers["_Autorize"].ToString();
         if (String.IsNullOrEmpty(jwt))
         {
             return(false);
         }
         Dictionary <string, object> claims = Jwt.Decode(jwt);
         if (claims == null)
         {
             return(false);
         }
         if (Jwt.Check(claims, null, null))
         {
             return(true);
         }
     }
     return(true);
 }
Пример #2
0
    public static Dictionary <string, object> Check(System.Web.HttpContext context,
                                                    string role, string secret = null)
    {
        String token = context.Authorization();

        if (token == null)
        {
            token = context.Request.QueryString.Get(".jwt");
        }
        if (token == null)
        {
            token = context.Request.Cookies.Get(".jwt")?.Value;
        }
        return(Jwt.Check(token, role, context.Request.UserHostAddress, secret));
    }
Пример #3
0
    public static Dictionary <string, object> Check(Microsoft.Owin.IOwinContext context,
                                                    string role, string secret = null)
    {
        String token = context.Request.Query.Get(".jwt");

        if (token == null)
        {
            token = context.Request.Headers["Authorization"];
            if (token != null)
            {
                if (token.StartsWith("Bearer"))
                {
                    token = token.Remove(0, "Bearer".Length);
                }

                token = token.Trim();
            }
        }

        return(Jwt.Check(token, role, context.Request.RemoteIpAddress, secret));
    }
Пример #4
0
        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext.Request.Cookies["_Autorize"] == null)
            {
                return(false);
            }

            string jwt = httpContext.Request.Cookies["_Autorize"].Value;

            if (String.IsNullOrEmpty(jwt))
            {
                return(false);
            }

            Dictionary <string, object> claims = Jwt.Decode(jwt);

            if (claims == null)
            {
                return(false);
            }

            if (Jwt.Check(claims, this.Role, null))
            {
                string[] base_path = httpContext.Request.Url.AbsolutePath.ToString().Split(new char[] { '/' }, StringSplitOptions.RemoveEmptyEntries);

                string controller = String.Empty;
                string action     = "";

                if (base_path.Length == 0)
                {
                    controller = "roulet";
                }
                else
                {
                    controller = base_path[0];
                    action     = base_path[1];
                }

                object user_access_level;

                if (!claims.TryGetValue("access_level", out user_access_level))
                {
                    return(false);
                }

                if ((controller == "roulet") && (Convert.ToInt32(user_access_level) == 0 ||
                                                 Convert.ToInt32(user_access_level) == 1 ||
                                                 Convert.ToInt32(user_access_level) == 2))

                {
                    return(true);
                }
                else if ((controller == "games") &&
                         (Convert.ToInt32(user_access_level) == (int)AccessLevel.Admin))
                {
                    return(true);
                }
                else if ((controller == "logs") && (Convert.ToInt32(user_access_level) == 3))
                {
                    return(true);
                }
                else if ((controller == "users") && (Convert.ToInt32(user_access_level) == 3))
                {
                    return(true);
                }

                else if ((controller == "roulet" && action == "managepoints"))
                {
                    return(true);
                }

                else if ((controller == "games" && action == "managepoints"))
                {
                    return(true);
                }



                return(false);
            }


            return(true);
        }