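/// <summary>
/// Authorization filter callback. Sets a <see cref="ForbidResult"/> on the context unless the
/// current principal resolves to a stored user that is linked to the "Admin" role.
/// </summary>
/// <param name="context">Filter context carrying the current HTTP request and its principal.</param>
public void OnAuthorization(AuthorizationFilterContext context)
{
    // Fail closed: a principal with no identity or no claims is rejected here and the method
    // returns immediately. Without the early return, the claim lookup below would dereference
    // null and surface as an unhandled exception instead of a clean "forbidden" result.
    var userClaims = context.HttpContext.User.Identities.FirstOrDefault()?.Claims;
    var idClaim = userClaims?.FirstOrDefault();
    if (idClaim == null)
    {
        context.Result = new ForbidResult();
        return;
    }

    // NOTE(review): the user id is read from the FIRST claim of the FIRST identity, so the
    // decision depends on claim ordering. Presumably that claim is the name identifier;
    // confirm, and prefer looking the claim up by its type so a reordered principal cannot
    // change which value is treated as the user id.
    var userId = idClaim.Value;

    // The context is created only once it is needed, and inside a using block, so it is
    // disposed on every exit path.
    var optionsBuilder = new DbContextOptionsBuilder<FactFluxIdentity>();
    optionsBuilder.UseSqlServer(Startup.staticConfig["ConnectionStrings:FactFluxConnection"]);

    using (var newdbContext = new FactFluxIdentity(optionsBuilder.Options))
    {
        var foundUser = newdbContext.Users.Where(x => x.Id == userId).FirstOrDefault();
        if (foundUser == null)
        {
            context.Result = new ForbidResult();
            return;
        }

        // A user-role row joined to the role named "Admin" is the sole grant condition.
        var isAdmin = (from ur in newdbContext.UserRoles
                       join r in newdbContext.Roles on ur.RoleId equals r.Id
                       where r.Name == "Admin" && ur.UserId == userId
                       select ur).FirstOrDefault();
        if (isAdmin == null)
        {
            context.Result = new ForbidResult();
        }
    }
}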
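/// <summary>
/// Decides whether the current HTTP user may access the dashboard: returns <c>true</c> only
/// when the principal resolves to a stored user that is linked to the "Admin" role.
/// </summary>
/// <param name="context">Dashboard context supplied by the caller; not read by this method.</param>
/// <returns><c>true</c> for an existing user with the "Admin" role; otherwise <c>false</c>.</returns>
public bool Authorize(DashboardContext context)
{
    // Fail closed: no current HTTP context, no identity, or no claims all deny access
    // instead of throwing on a null dereference.
    // NOTE(review): HttpContext here looks like an injected accessor whose inner HttpContext
    // can be null outside a request; confirm against the field declaration.
    var userClaims = HttpContext.HttpContext?.User?.Identities.FirstOrDefault()?.Claims;
    var idClaim = userClaims?.FirstOrDefault();
    if (idClaim == null)
    {
        return false;
    }

    // NOTE(review): the user id is read from the FIRST claim of the FIRST identity, so the
    // decision depends on claim ordering. Presumably that claim is the name identifier;
    // confirm, and prefer looking the claim up by its type.
    var userId = idClaim.Value;

    // Create the context only after the cheap checks passed. The original built it first and
    // returned before reaching the using block, which left the context undisposed.
    var optionsBuilder = new DbContextOptionsBuilder<FactFluxIdentity>();
    optionsBuilder.UseSqlServer(Startup.staticConfig["ConnectionStrings:FactFluxConnection"]);

    using (var newdbContext = new FactFluxIdentity(optionsBuilder.Options))
    {
        var foundUser = newdbContext.Users.Where(x => x.Id == userId).FirstOrDefault();
        if (foundUser == null)
        {
            return false;
        }

        // A user-role row joined to the role named "Admin" is the sole grant condition.
        var isAdmin = (from ur in newdbContext.UserRoles
                       join r in newdbContext.Roles on ur.RoleId equals r.Id
                       where r.Name == "Admin" && ur.UserId == userId
                       select ur).FirstOrDefault();

        return isAdmin != null;
    }
}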
/// <summary>
/// Creates the controller and keeps references to the three services passed in.
/// </summary>
/// <param name="httpContext">Accessor stored in <c>HttpContext</c>.</param>
/// <param name="userManager">User manager stored in <c>UserManager</c>.</param>
/// <param name="factFluxIdentity">Identity database context stored in <c>FactFluxIdentityContext</c>.</param>
public IdentityController(
    IHttpContextAccessor httpContext,
    UserManager<IdentityUser> userManager,
    FactFluxIdentity factFluxIdentity)
{
    FactFluxIdentityContext = factFluxIdentity;
    UserManager = userManager;
    HttpContext = httpContext;
}