hargata/lubelog
1
0
Fork 0
mirror of https://github.com/hargata/lubelog.git synced 2026-02-03 17:53:02 -06:00
Code Issues Packages Projects Releases 51 Wiki Activity
lubelog/Filter/APIKeyFilter.cs
DESKTOP-T0O5CDB\DESK-555BD 7ba06e01e4 add api key filter
2026-01-24 20:26:49 -07:00

38 lines
1.5 KiB
C#
Raw Blame History

using CarCareTracker.Logic;
using CarCareTracker.Models;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;
namespace CarCareTracker.Filter
{
public class APIKeyFilter: ActionFilterAttribute
{
private readonly IUserLogic _userLogic;
private readonly HouseholdPermission _permission;
public APIKeyFilter(IUserLogic userLogic, HouseholdPermission? permission = HouseholdPermission.View) {
_userLogic = userLogic;
_permission = permission ?? HouseholdPermission.View;
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.HttpContext.User.IsInRole("APIKeyAuth"))
{
var apikey_header = filterContext.HttpContext.Request.Headers["x-api-key"];
if (string.IsNullOrWhiteSpace(apikey_header))
{
apikey_header = filterContext.HttpContext.Request.Query["apiKey"];
}
if (!string.IsNullOrWhiteSpace(apikey_header))
{
var permissions = _userLogic.GetAPIKeyPermissions(apikey_header);
if (!permissions.Contains(_permission))
{
filterContext.Result = new JsonResult(OperationResponse.Failed("Access Denied"));
filterContext.HttpContext.Response.StatusCode = 401;
}
}
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink