private async Task AttachUserToContext(HttpContext context, CampaignSaberContext campaignSaberContext, string token)
{
try
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.UTF8.GetBytes(_jwtSettings.Key);
tokenHandler.ValidateToken(token, new TokenValidationParameters
{
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
ValidIssuer = _jwtSettings.Issuer,
ValidAudience = _jwtSettings.Issuer,
IssuerSigningKey = new SymmetricSecurityKey(key)
}, out SecurityToken validatedToken);
var jwtToken = (JwtSecurityToken)validatedToken;
var userId = jwtToken.Claims.First(x => x.Type == "sub").Value;
context.Items["User"] = await campaignSaberContext.Users.FirstAsync(u => u.Id == userId);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
}
public Expression <Func <CampaignSaberContext, Campaign> > DeleteCampaign(CampaignSaberContext db, CampaignDeletionArgs args, GraphQLValidator validator, IHttpContextAccessor accessor)
{
var user = accessor.HttpContext.Items["User"];
if (user == null)
{
validator.AddError("Unauthorized Request");
}
var cuser = (User)user;
if (validator.HasErrors)
{
return(null);
}
var campaign = db.Campaigns.FirstOrDefault(c => c.Id == args.Id && (c.UploaderId == cuser.Id || cuser.Role == Role.Admin));
if (campaign == null)
{
validator.AddError("Campaign Not Found");
return(null);
}
db.Campaigns.Remove(campaign);
db.SaveChanges();
return(null);
}
public async Task Invoke(HttpContext context, CampaignSaberContext campaignSaberContext)
{
var token = context.Request.Headers["Authorization"].FirstOrDefault()?.Split(" ").LastOrDefault();
if (token != null)
{
await AttachUserToContext(context, campaignSaberContext, token);
}
await _next(context);
}
public Expression <Func <CampaignSaberContext, Campaign> > UpdateCampaign(CampaignSaberContext db, CampaignArgs args, GraphQLValidator validator, IHttpContextAccessor accessor)
{
if (string.IsNullOrEmpty(args.Title))
{
validator.AddError("Title argument is required");
}
if (!string.IsNullOrEmpty(args.Description))
{
if (args.Description.Length > 2000)
{
validator.AddError("Description is too long! (Max 2000 characters)");
}
}
var user = accessor.HttpContext.Items["User"];
if (user == null)
{
validator.AddError("Unauthorized Request");
}
var cuser = (User)user;
if (validator.HasErrors)
{
return(null);
}
var campaign = db.Campaigns.FirstOrDefault(c => c.Id == args.Id && (c.UploaderId == cuser.Id || cuser.Role == Role.Admin));
if (campaign == null)
{
validator.AddError("Campaign Not Found");
return(null);
}
campaign.Title = args.Title;
campaign.Description = args.Description;
db.SaveChanges();
return(ctx => ctx.Campaigns.First(c => c.Id == campaign.Id));
}
public VoteController(CampaignSaberContext campaignSaberContext)
{
_campaignSaberContext = campaignSaberContext;
}
public AuthorizationController(IJWTSettings jwtSettings, DiscordService discordService, CampaignSaberContext campaignSaberContext)
{
_jwtSettings = jwtSettings;
_discordService = discordService;
_campaignSaberContext = campaignSaberContext;
}
public UploadController(CampaignSaberContext campaignSaberContext)
{
_campaignSaberContext = campaignSaberContext;
}
public GraphQLController(CampaignSaberContext campaignSaberContext, SchemaProvider <CampaignSaberContext> schemaProvider)
{
_schemaProvider = schemaProvider;
_campaignSaberContext = campaignSaberContext;
}
