using backend.Application;
namespace backend.Middleware;
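/// <summary>
/// Middleware that lets a request continue down the pipeline only when it carries a
/// <c>session</c> cookie matching a stored user whose <c>IsParent</c> flag is set.
/// </summary>
/// <remarks>
/// Responds with 401 when the cookie is missing or blank, or when no user has that
/// session token, and with 403 when the matching user is not a parent.
/// </remarks>
public class ParentMiddleware
{
    private readonly RequestDelegate _next;

    /// <summary>Creates the middleware.</summary>
    /// <param name="next">The next delegate in the request pipeline.</param>
    public ParentMiddleware(RequestDelegate next)
    {
        _next = next;
    }

    /// <summary>
    /// Authenticates the request from its <c>session</c> cookie and authorizes it
    /// against the user's <c>IsParent</c> flag before invoking the next delegate.
    /// </summary>
    /// <param name="context">The current HTTP context.</param>
    public async Task InvokeAsync(HttpContext context)
    {
        // Read the cookie once so the presence check and the lookup see the same value.
        var sessionToken = context.Request.Cookies["session"];

        // A blank cookie is treated like a missing one, so it can never match a
        // user row whose stored token happens to be empty.
        if (string.IsNullOrWhiteSpace(sessionToken)) {
            await RejectAsync(context, 401, "You are not logged in");
            return;
        }

        // NOTE(review): ApplicationState.DbContext is reached through a static member.
        // An EF Core DbContext is not thread-safe; confirm this instance is not shared
        // between concurrent requests.
        // NOTE(review): the stored SessionToken is compared to the raw cookie value,
        // so the table appears to hold usable tokens; confirm whether they should be
        // stored hashed and whether they expire.
        var user = ApplicationState.DbContext!.Users.FirstOrDefault(candidate => candidate.SessionToken == sessionToken);
        if (user == null) {
            await RejectAsync(context, 401, "Invalid session token");
            return;
        }

        if (!user.IsParent) {
            await RejectAsync(context, 403, "You are not a parent");
            return;
        }

        await _next(context);
    }

    // Clears the pending response and writes a plain-text rejection with the given status code.
    private static async Task RejectAsync(HttpContext context, int statusCode, string message)
    {
        context.Response.Clear();
        context.Response.StatusCode = statusCode;
        await context.Response.WriteAsync(message);
    }
}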
/// <summary>
/// Pipeline configuration class whose <see cref="Configure"/> method registers
/// <see cref="ParentMiddleware"/> on an application builder.
/// </summary>
/// <remarks>
/// NOTE(review): presumably referenced by type from a middleware filter so that only
/// selected endpoints run the parent check; confirm at the call sites, since any
/// endpoint that does not reference it is not covered by this check.
/// </remarks>
public class ParentMiddlewareBuilder
{
    /// <summary>Adds <see cref="ParentMiddleware"/> to the given pipeline.</summary>
    /// <param name="app">The application builder to register the middleware on.</param>
    public void Configure(IApplicationBuilder app) => app.UseMiddleware<ParentMiddleware>();
}