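/// <summary>
/// Authenticates a WebSocket upgrade request with the JWT carried in the
/// <c>Sec-WebSocket-Protocol</c> request header and, when the token is accepted,
/// upgrades the connection and runs the receive loop. Requests that are not
/// WebSocket upgrades are passed to the next middleware untouched.
/// </summary>
/// <param name="context">The HTTP context of the current request.</param>
/// <returns>A task that completes when the request (or the socket session) has ended.</returns>
public async Task Invoke(HttpContext context)
{
    if (!context.WebSockets.IsWebSocketRequest)
    {
        await _next.Invoke(context);
        return;
    }

    // No token at all: refuse the handshake explicitly instead of falling
    // through with whatever default status the pipeline would send.
    if (!context.Request.Headers.TryGetValue("Sec-WebSocket-Protocol", out var token)
        || string.IsNullOrEmpty(token))
    {
        context.Response.StatusCode = 401;
        return;
    }

    // Validate returns 0 on success (the only value this method accepts).
    // The || short-circuits, so _users is consulted only with a login and expiry
    // that came out of a successfully validated token.
    var validation = JWTOptions.Validate(token.ToString(), out var login, out var validTo);
    if (validation != 0 || !_users.IsItLastToken(login, token, validTo))
    {
        context.Response.StatusCode = 401;
        return;
    }

    // The requested subprotocol value is echoed back so the client sees its
    // selection confirmed.
    // NOTE(review): this places the bearer token in a response header; make sure
    // proxies and access logs on this path do not record Sec-WebSocket-Protocol.
    context.Response.Headers["Sec-WebSocket-Protocol"] = token;

    var socket = await context.WebSockets.AcceptWebSocketAsync().ConfigureAwait(false);
    _webSocketHandler.OnConnected(socket, login);

    // NOTE(review): the token is checked once, at connect time. Nothing visible here
    // re-checks validTo while the socket stays open; confirm expiry and revocation
    // are enforced elsewhere for long-lived connections.
    await Receive(socket, async (received, serializedMessage) =>
    {
        switch (received.MessageType)
        {
            case WebSocketMessageType.Text:
                await _webSocketHandler.ReceiveAsync(socket, received, serializedMessage).ConfigureAwait(false);
                break;

            case WebSocketMessageType.Close:
                // Exceptions (including WebSocketException) propagate to the caller;
                // the previous catch block only rethrew them.
                await _webSocketHandler.OnDisconnected(socket);
                break;
        }
    });
}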
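/// <summary>
/// Validates the bearer token from the <c>Authorization</c> header. When the token is
/// accepted, the authenticated login is written to the <c>UserLogin</c> request header
/// and the request continues down the pipeline. Requests without an
/// <c>Authorization</c> header are forwarded without a login.
/// </summary>
/// <param name="context">The HTTP context of the current request.</param>
/// <returns>A task that completes when the request has been handled.</returns>
public async Task InvokeAsync(HttpContext context)
{
    // UserLogin is this middleware's output, so a value sent by the client must never
    // survive: it would let a caller name an arbitrary login on requests forwarded
    // without a token (presumably downstream code trusts this header; verify), and
    // Headers.Add threw on the duplicate key when a token was present.
    context.Request.Headers.Remove("UserLogin");

    var authorization = context.Request.Headers["Authorization"].ToString();
    if (string.IsNullOrEmpty(authorization))
    {
        // NOTE(review): anonymous requests are forwarded; downstream endpoints must
        // treat a missing UserLogin header as unauthenticated.
        await _next.Invoke(context);
        return;
    }

    // A header shorter than the scheme prefix used to make Substring throw and
    // surface as a server error; answer it like any other unusable token.
    // NOTE(review): the scheme text itself is not compared with `bearer`, only skipped.
    if (authorization.Length < bearer.Length)
    {
        context.Response.StatusCode = 404;
        await context.Response.WriteAsync("Token is invalid");
        return;
    }

    var token = authorization.Substring(bearer.Length);
    var result = JWTOptions.Validate(token, out var login, out var validTo);
    if (result != 0)
    {
        // Result code 2 maps to 403, every other failure to 404.
        context.Response.StatusCode = result == 2 ? 403 : 404;
        await context.Response.WriteAsync("Token is invalid");
        return;
    }

    if (!_users.IsItLastToken(login, token, validTo))
    {
        context.Response.StatusCode = 401;
        await context.Response.WriteAsync("Token is invalid (new connection opened somewhere)");
        return;
    }

    // Indexer assignment replaces any existing value instead of throwing.
    context.Request.Headers["UserLogin"] = new StringValues(login);
    await _next.Invoke(context);
}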