public async Task InvokeAsync(HttpContext context)
{
var token = context.Request.Headers["Auth-Token"].ToString();
var request = context.Request;
var requestMethod = request.Method;
if (token != null)
{
UserRole role = UserRole.NotAuthorized;
try
{
var res = _manager.AllowAction(token, requestMethod, ref role);
if (res.Item2)
{
context.Request.Headers.Add("Permissions", role.ToString());
context.Request.Headers.Add("Authorized", "true");
context.Response.Headers.Add("Auth-Token", res.Item1);
await _next.Invoke(context);
}
}
catch (AuthorizationIsNeededException)
{
context.Request.Headers.Add("Authorized", "false");
await _next.Invoke(context);
}
}
else
{
context.Request.Headers.Add("Authorized", "false");
context.Request.Headers.Add("Permissions", UserRole.NotAuthorized.ToString());
await _next.Invoke(context);
}
}