using backend.Application; namespace backend.Middleware; public class ParentMiddleware { private readonly RequestDelegate _next; public ParentMiddleware(RequestDelegate next) { _next = next; } public async Task InvokeAsync(HttpContext context) { if (context.Request.Cookies["session"] == null) { context.Response.Clear(); context.Response.StatusCode = 401; await context.Response.WriteAsync("You are not logged in"); return; } var user = ApplicationState.DbContext!.Users.FirstOrDefault(user => user.SessionToken == context.Request.Cookies["session"]!.ToString()); if (user == null) { context.Response.Clear(); context.Response.StatusCode = 401; await context.Response.WriteAsync("Invalid session token"); return; } if (!user.IsParent) { context.Response.Clear(); context.Response.StatusCode = 403; await context.Response.WriteAsync("You are not a parent"); return; } await _next(context); } } public class ParentMiddlewareBuilder { public void Configure(IApplicationBuilder app) { app.UseMiddleware(); } }