mirror of
https://github.com/hmaxnl/SharpRSS.git
synced 2024-09-20 01:54:20 +02:00
64 lines
2.5 KiB
C#
64 lines
2.5 KiB
C#
using System;
|
|
using System.Linq;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.AspNetCore.Mvc.Filters;
|
|
using Microsoft.Extensions.Primitives;
|
|
using SharpRSS.API.Contracts.Models;
|
|
using SharpRSS.API.Data;
|
|
using ToolQit;
|
|
using ToolQit.Extensions;
|
|
using ToolQit.Logging;
|
|
|
|
namespace SharpRSS.API.Auth
|
|
{
|
|
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = true, Inherited = true)]
|
|
public class SessionAuthorizeAttribute : Attribute, IAuthorizationFilter
|
|
{
|
|
public SessionAuthorizeAttribute(bool admin = true)
|
|
{
|
|
_admin = admin;
|
|
_log = LogManager.CreateLogger(typeof(SessionAuthorizeAttribute));
|
|
}
|
|
|
|
private readonly ILog _log;
|
|
private readonly bool _admin;
|
|
|
|
public async void OnAuthorization(AuthorizationFilterContext context)
|
|
{
|
|
if (context.ActionDescriptor.EndpointMetadata.Any(obj => obj.GetType() == typeof(AllowAnonymousAttribute)))
|
|
return;
|
|
var authService = context.HttpContext.RequestServices.GetService(typeof(AuthService)) as AuthService;
|
|
if (authService == null)
|
|
{
|
|
context.Result = new UnauthorizedObjectResult(new Result("Failed to initialize service!", ResultStatus.InternalFail));
|
|
return;
|
|
}
|
|
|
|
if (context.HttpContext.Request.Headers.TryGetValue("SRSS-Session", out var val))
|
|
{
|
|
string? headerVal = val.ToString();
|
|
if (headerVal == null || headerVal.IsNullEmptyWhiteSpace())
|
|
{
|
|
context.Result = new UnauthorizedObjectResult(new Result("Invalid session ID"));
|
|
return;
|
|
}
|
|
var authSet = await authService.ValidateSession(headerVal);
|
|
if (!authSet.Success || authSet.Value == null)
|
|
{
|
|
context.Result = new UnauthorizedResult();
|
|
return;
|
|
}
|
|
if (authSet.Value.Session is { Expired: true })
|
|
{
|
|
context.Result = new UnauthorizedObjectResult(new Result("Session expired", ResultStatus.Failed));
|
|
return;
|
|
}
|
|
authSet.Value.AdminRequired = _admin;
|
|
context.HttpContext.Items["auth"] = authSet.Value;
|
|
return;
|
|
}
|
|
context.Result = new UnauthorizedResult();
|
|
}
|
|
}
|
|
} |