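/// <summary>
/// Session-based admin authorization filter. Loads the session, lets actions
/// marked with <c>PageIgnoreAttribute</c> and the admin login page through, and
/// otherwise requires that the session's backend user holds at least one role
/// from <c>targetRoleList</c>. Denied requests receive a JSON <c>ApiMessage</c>
/// when a <c>RequestType</c> header is present (AJAX/API callers) and a redirect
/// to the login page otherwise.
/// </summary>
/// <param name="context">The executing action's context.</param>
/// <param name="next">Continues the pipeline; invoked only when access is granted.</param>
public override async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    var request = context.HttpContext.Request;
    var response = context.HttpContext.Response;

    // The login page takes the original path back via return_url. Encoding it
    // keeps a path containing '&' or '#' intact across the query string. The
    // value is always the request's own local path, never caller-supplied, so
    // this is not an open-redirect sink.
    string LoginRedirectUrl() =>
        "/Admin/UserAuth/Login?return_url=" + Uri.EscapeDataString(request.Path.Value ?? string.Empty);

    // Emits the "No Auth" denial in the form the caller can consume and leaves
    // the pipeline short-circuited (next() is deliberately not invoked).
    async Task DenyAsync()
    {
        if (!string.IsNullOrEmpty(request.Headers["RequestType"]))
        {
            // Direct Newtonsoft write (not JsonResult) so the wire format seen by
            // existing API clients is unchanged.
            // NOTE(review): the HTTP status stays 200 with Code "503" in the body,
            // as before; existing clients key on the body code - confirm before changing.
            var apiMsg = new ApiMessage { Code = "503", Message = "No Auth" };
            response.ContentType = "application/json";
            await response.WriteAsync(Newtonsoft.Json.JsonConvert.SerializeObject(apiMsg));
        }
        else
        {
            response.Redirect(LoginRedirectUrl());
        }
    }

    try
    {
        await context.HttpContext.Session.LoadAsync();

        // PageIgnoreAttribute on the action method bypasses the check entirely.
        // A descriptor that is not a ControllerActionDescriptor has no MethodInfo
        // to inspect; it is treated as NOT ignorable and still goes through the
        // role check (fail closed) instead of dereferencing null.
        var hasIgnore = context.ActionDescriptor is ControllerActionDescriptor actionDescriptor
            && actionDescriptor.MethodInfo.GetCustomAttributes(typeof(PageIgnoreAttribute), false).Any();
        if (hasIgnore)
        {
            await next();
            return;
        }

        // The login page itself must stay reachable without a session. Segment
        // matching (case-insensitive, like routing) replaces the former substring
        // Contains() test, so "/admin/userauth/login" no longer redirects to itself.
        // NOTE(review): an action whose name merely starts with "Login" (if any)
        // previously slipped through the substring test; it now requires a session.
        if (request.Path.StartsWithSegments("/Admin/UserAuth/Login"))
        {
            await next();
            return;
        }

        // Without a stored backend user key there is nothing to look roles up for.
        if (!context.HttpContext.Session.TryGetValue(UserAuthBusiness.UserAuthBackendKey, out var storeData))
        {
            await DenyAsync();
            return;
        }

        var userKey = Encoding.UTF8.GetString(storeData);
        if (string.IsNullOrEmpty(userKey))
        {
            await DenyAsync();
            return;
        }

        var roles = await userAccountBusiness.GetRoles(userKey);
        // Any overlap between the user's roles and the filter's target roles grants
        // access; a null role list (lookup yielded nothing) counts as no roles.
        if (roles != null && roles.Any(role => targetRoleList.Any(target => target == role)))
        {
            await next();
        }
        else
        {
            await DenyAsync();
        }
    }
    catch (Exception)
    {
        // Fail closed: a failure in session load, attribute inspection or the role
        // lookup is treated as "not authenticated" rather than surfacing a 500.
        // If the response has already started, Redirect() itself throws and that
        // exception propagates, as in the original.
        // NOTE(review): no logger is in scope here, so the swallowed exception is
        // invisible - consider injecting ILogger and logging before redirecting.
        response.Redirect(LoginRedirectUrl());
    }
}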
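/// <summary>
/// Token-based API authorization filter. Resolves the <c>AccessToken</c> request
/// header through the distributed cache, requires the cached entry to be unexpired
/// with a non-empty value, attaches that value as an <c>OryxUser</c> claim, and
/// requires at least one role from <c>targetRoleList</c>. Every denial
/// short-circuits with a <c>JsonResult</c> carrying an <c>ApiMessage</c>.
/// </summary>
/// <param name="context">The executing action's context.</param>
/// <param name="next">Continues the pipeline; invoked only when access is granted.</param>
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
    // Short-circuits the action with a denial payload. The HTTP status is left at
    // JsonResult's default and the body Code "503" is what existing clients
    // inspect, so both are kept exactly as they were.
    void Deny(string message)
    {
        context.Result = new JsonResult(new ApiMessage { Success = false, Message = message, Code = "503" });
    }

    var accessToken = context.HttpContext.Request.Headers["AccessToken"];
    if (string.IsNullOrEmpty(accessToken))
    {
        Deny("Permission denied");
        return;
    }

    // The header value is used directly as the cache key; only a matching,
    // unexpired entry grants anything.
    var resultDocument = await distributedCache.GetValue<string>(accessToken);
    if (resultDocument == null)
    {
        // An unknown or evicted token used to dereference null and surface as a
        // 500. It is now a plain denial with the same message as a missing token,
        // so the response does not reveal whether the token ever existed.
        Deny("Permission denied");
        return;
    }

    // NOTE(review): ExpireTime is compared against local time, as before; if the
    // issuer stores UTC this check is off by the server's offset - confirm against
    // the code that writes the cache entry.
    if (resultDocument.ExpireTime <= DateTime.Now)
    {
        Deny("Permission Expired");
        return;
    }

    if (string.IsNullOrEmpty(resultDocument.Value))
    {
        Deny("Permission Empty");
        return;
    }

    // Expose the authenticated user to downstream code as a claim before the role
    // check, as before: the identity is attached even if the role check then fails.
    var identity = new System.Security.Claims.ClaimsIdentity();
    identity.AddClaim(new System.Security.Claims.Claim("OryxUser", resultDocument.Value));
    context.HttpContext.User.AddIdentity(identity);

    var roles = await userAccountBusiness.GetRoles(resultDocument.Value);
    // A null role list (lookup yielded nothing) counts as no roles, not as an exception.
    if (roles != null && roles.Any(role => targetRoleList.Any(target => target == role)))
    {
        await next();
    }
    else
    {
        Deny("Not in role");
    }
}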