NejCommon.NET/Authorization/PermissionHandler.cs
2026-03-22 19:52:19 +01:00


using System.Security.Claims;
using AspNetCore.Authentication.ApiKey;
using Microsoft.AspNetCore.Authorization;
using Microsoft.EntityFrameworkCore;
namespace NejCommon.Authorization;
/// <summary>
/// Authorization handler for <see cref="PermissionRequirement"/>. For requests whose
/// route carries a <c>companyId</c> value, it asks the permission checks whether the
/// calling API key or user holds <c>requirement.Permission</c> for that company.
/// </summary>
/// <remarks>
/// <c>CheckApiKeyPermission</c> and <c>CheckUserPermission</c> are not defined in this
/// part of the partial class; their lookup logic is not visible here.
/// </remarks>
public partial class PermissionHandler : AuthorizationHandler<PermissionRequirement>
{
    /// <summary>
    /// Marks <paramref name="requirement"/> as succeeded when the caller is permitted;
    /// otherwise returns without calling <c>Succeed</c>, leaving the requirement
    /// unsatisfied by this handler.
    /// </summary>
    /// <param name="context">Authorization context; its resource must be an <c>HttpContext</c>.</param>
    /// <param name="requirement">The requirement carrying the permission to check.</param>
    protected override async Task HandleRequirementAsync(
        AuthorizationHandlerContext context,
        PermissionRequirement requirement)
    {
        // Without an HttpContext there is no route to inspect, so nothing is granted.
        if (context.Resource is not HttpContext http)
        {
            return;
        }

        var routeCompany = http.GetRouteValue("companyId")?.ToString();
        if (routeCompany is null)
        {
            // NOTE(review): fail-open branch. The requirement succeeds on every route
            // without a companyId value, and this happens before any identity check,
            // so this handler alone does not require an authenticated caller there.
            // Confirm that policies using PermissionRequirement also require
            // authentication, and that non-company routes are meant to be exempt.
            context.Succeed(requirement);
            return;
        }

        var scheme = context.User.Identity?.AuthenticationType;
        if (scheme is null)
        {
            // No authentication type on the identity: treat as not permitted.
            return;
        }

        // API-key callers are identified by the NameIdentifier claim; every other
        // authentication type is treated as a user identified by the "sub" claim.
        var isApiKey = scheme == ApiKeyDefaults.AuthenticationScheme;
        var principalId = isApiKey
            ? context.User.FindFirst(ClaimTypes.NameIdentifier)?.Value
            : context.User.FindFirst("sub")?.Value;
        if (principalId is null)
        {
            return;
        }

        // routeCompany is taken from the request route, i.e. chosen by the caller; the
        // checks below are the only thing binding the principal to that company.
        var permitted = isApiKey
            ? await CheckApiKeyPermission(principalId, routeCompany, requirement.Permission)
            : await CheckUserPermission(principalId, routeCompany, requirement.Permission);

        if (permitted)
        {
            context.Succeed(requirement);
        }
    }
}