/// <summary>
/// Authorization filter hook: admits the request only when the session-token cookie is
/// present, the token resolves to user info via the retask service, and that user is an
/// admin. Any other outcome assigns <paramref name="filterContext"/>.Result, which
/// short-circuits the request before the action runs.
/// </summary>
/// <param name="filterContext">The MVC authorization context for the current request.</param>
/// <remarks>
/// Outcomes, in evaluation order:
/// - no session-token cookie: 401 (<see cref="HttpUnauthorizedResult"/>);
/// - GetUserInfo reports !Ok: 500 — presumably an invalid or expired token surfaces here as
///   well, so it is reported as a server error rather than as a denial (confirm against the
///   service's contract);
/// - user info present but IsAdmin is false: 401, same as no session.
/// The service is only consulted once a cookie exists, so cookie-less requests never reach it.
/// </remarks>
protected override void OnAuthorization(AuthorizationContext filterContext)
{
    var request = filterContext.HttpContext.Request;

    // Deny up front when the cookie is absent; nothing else needs to be looked up.
    if (!_sessionTokenCookieManager.HasSessionTokenCookie(request))
    {
        filterContext.Result = new HttpUnauthorizedResult();
        return;
    }

    var token = _sessionTokenCookieManager.GetSessionToken(request);
    var lookup = _retaskService.GetUserInfo(token);

    // A failed lookup is surfaced as a server error, not as an authorization failure.
    if (!lookup.Ok)
    {
        filterContext.Result = new HttpStatusCodeResult(HttpStatusCode.InternalServerError);
        return;
    }

    // Admin-only: a valid non-admin session is rejected the same way as a missing one.
    if (!lookup.Payload.IsAdmin)
    {
        filterContext.Result = new HttpUnauthorizedResult();
    }
}
/// <summary>
/// Landing page: a visitor who already holds a session-token cookie that the retask service
/// accepts is redirected to the App controller's Index; otherwise the default view is rendered.
/// </summary>
/// <returns>A redirect to App/Index for an accepted session, else the default view.</returns>
/// <remarks>
/// When a cookie is present but GetUserInfo reports !Ok, the cookie is cleared before the
/// view is returned. Note that !Ok is not distinguished from a transient service failure
/// here, so such a failure also clears the visitor's cookie — confirm that matches the
/// service's contract.
/// </remarks>
public ActionResult Index()
{
    if (!_sessionTokenCookieManager.HasSessionTokenCookie(Request))
    {
        return View();
    }

    var token = _sessionTokenCookieManager.GetSessionToken(Request);
    if (_retaskService.GetUserInfo(token).Ok)
    {
        return RedirectToAction("Index", "App");
    }

    // The token no longer resolves to a user: drop the stale cookie before showing the page.
    _sessionTokenCookieManager.UnsetSessionTokenCookie(Response.Cookies);
    return View();
}
/// <summary>
/// Resolves the user info associated with a session token by delegating to the retask service.
/// </summary>
/// <param name="sessionToken">
/// The session token to resolve. It is supplied by the caller as a parameter rather than
/// read from the session cookie.
/// </param>
/// <returns>The service's result wrapping a <see cref="UserInfoDTO"/> payload.</returns>
/// <remarks>
/// NOTE(review): since the token arrives as a request parameter here, confirm how it is
/// bound — a token carried in the query string can end up in request logs.
/// </remarks>
public ServiceResult<UserInfoDTO> GetUserInfo([Description("Session Token")] string sessionToken)
    => _retaskService.GetUserInfo(sessionToken);