using Core.Enumerations;
using ExtensionMethods;
using Extensions;
using Microsoft.AspNetCore.Authorization;
using WeatherForecast.Services;
namespace WeatherForecast.Policies {
/// <summary>
/// Authorization handler for <see cref="CrudActionRequirement"/>. It makes no access
/// decision of its own: it forwards the caller's user id, the request's bearer token and
/// the requirement's controller/action pair to <c>IUserService.VerifyToken</c>, and marks
/// the requirement as met only when that call reports success.
/// </summary>
/// <remarks>
/// NOTE(review): <see cref="CrudActionRequirement.SameAuthor"/> is never read in this
/// handler and is not passed to <c>VerifyToken</c>, so a policy built with
/// <c>sameAuthor: true</c> gets no ownership check from this class. Confirm that the
/// check is enforced somewhere else before relying on the flag.
/// </remarks>
public class CrudAuthorizationHandler : AuthorizationHandler<CrudActionRequirement> {

    private readonly IHttpContextAccessor _httpContextAccessor;
    private readonly IUserService _userService;

    /// <summary>
    /// Stores the collaborators used to evaluate a <see cref="CrudActionRequirement"/>.
    /// </summary>
    /// <param name="contextAccessor">Accessor used to reach the current HTTP request and its bearer token.</param>
    /// <param name="authenticationService">User service whose <c>VerifyToken</c> makes the actual decision.</param>
    public CrudAuthorizationHandler(
        IHttpContextAccessor contextAccessor,
        IUserService authenticationService
    ) {
        _httpContextAccessor = contextAccessor;
        _userService = authenticationService;
    }

    /// <summary>
    /// Evaluates <paramref name="requirement"/> for the current principal and request.
    /// </summary>
    /// <param name="context">Authorization context carrying the current user.</param>
    /// <param name="requirement">Controller/action pair the caller must be allowed to use.</param>
    /// <returns>An already-completed task; the token check itself runs synchronously.</returns>
    protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, CrudActionRequirement requirement) {

        // Both values can be null: the identity may carry no name (and ToNullableGuid
        // presumably yields null for a name that is not a GUID - confirm), and there may be
        // no HttpContext or no bearer token on the request. Nothing here rejects that case,
        // so VerifyToken is the only gate and must fail closed on null input.
        var userId = context.User.Identity?.Name?.ToNullableGuid();
        var bearerToken = _httpContextAccessor?.HttpContext?.Request?.GeBearerToken();

        var verification = _userService.VerifyToken(userId, bearerToken, requirement.Controller, requirement.Action);

        // context.Fail() is deliberately not called on a negative result: the requirement is
        // simply left unmet, so another handler registered for it could still succeed.
        if (verification.IsSuccess) {
            context.Succeed(requirement);
        }

        return Task.CompletedTask;
    }
}
/// <summary>
/// Authorization requirement naming the Web API controller and the CRUD action that a
/// caller must be permitted to perform. Instances are immutable once constructed.
/// </summary>
public class CrudActionRequirement : IAuthorizationRequirement {

    /// <summary>
    /// Controller the requirement applies to.
    /// </summary>
    public WebapiControllers Controller { get; }

    /// <summary>
    /// CRUD action the caller must be allowed to perform on <see cref="Controller"/>.
    /// </summary>
    public CrudActions Action { get; }

    /// <summary>
    /// Flag stored with the requirement; defaults to <c>false</c>.
    /// NOTE(review): presumably limits the action to the resource's author - confirm.
    /// <c>CrudAuthorizationHandler</c> in this file does not read it, so verify where it is enforced.
    /// </summary>
    public bool SameAuthor { get; }

    /// <summary>
    /// Creates a requirement for one controller/action pair.
    /// </summary>
    /// <param name="controller">Controller the requirement applies to.</param>
    /// <param name="crudAction">CRUD action that must be permitted.</param>
    /// <param name="sameAuthor">Value stored in <see cref="SameAuthor"/>; <c>false</c> when omitted.</param>
    public CrudActionRequirement(WebapiControllers controller, CrudActions crudAction, bool sameAuthor = false) {
        (Controller, Action, SameAuthor) = (controller, crudAction, sameAuthor);
    }
}
}