Remove auth #72
@@ -1,6 +1,5 @@
|
|||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
using System.Collections.Generic;
|
||||||
using System.Configuration;
|
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
|
|
||||||
using Microsoft.AspNetCore.Authorization;
|
using Microsoft.AspNetCore.Authorization;
|
||||||
@@ -10,18 +9,16 @@ using Microsoft.Extensions.Logging;
|
|||||||
|
|
||||||
using Icarus.Models;
|
using Icarus.Models;
|
||||||
using Icarus.Database.Contexts;
|
using Icarus.Database.Contexts;
|
||||||
// using Icarus.Database.Repositories;
|
|
||||||
|
|
||||||
namespace Icarus.Controllers.V1
|
namespace Icarus.Controllers.V1
|
||||||
{
|
{
|
||||||
[Route("api/v1/album")]
|
[Route("api/v1/album")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
public class AlbumController : ControllerBase
|
public class AlbumController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
private readonly ILogger<AlbumController> _logger;
|
private readonly ILogger<AlbumController> _logger;
|
||||||
private string _connectionString;
|
private string _connectionString;
|
||||||
private IConfiguration _config;
|
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
@@ -41,9 +38,13 @@ namespace Icarus.Controllers.V1
|
|||||||
|
|
||||||
#region HTTP Routes
|
#region HTTP Routes
|
||||||
[HttpGet]
|
[HttpGet]
|
||||||
[Authorize("read:albums")]
|
|
||||||
public IActionResult Get()
|
public IActionResult Get()
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("read:albums"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
List<Album> albums = new List<Album>();
|
List<Album> albums = new List<Album>();
|
||||||
|
|
||||||
var albumContext = new AlbumContext(_connectionString);
|
var albumContext = new AlbumContext(_connectionString);
|
||||||
@@ -57,9 +58,13 @@ namespace Icarus.Controllers.V1
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
[Authorize("read:albums")]
|
|
||||||
public IActionResult Get(int id)
|
public IActionResult Get(int id)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("read:albums"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
Album album = new Album
|
Album album = new Album
|
||||||
{
|
{
|
||||||
AlbumID = id
|
AlbumID = id
|
||||||
|
|||||||
@@ -1,6 +1,4 @@
|
|||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.Configuration;
|
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
|
|
||||||
using Microsoft.AspNetCore.Authorization;
|
using Microsoft.AspNetCore.Authorization;
|
||||||
@@ -15,12 +13,11 @@ namespace Icarus.Controllers.V1
|
|||||||
{
|
{
|
||||||
[Route("api/v1/artist")]
|
[Route("api/v1/artist")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
public class ArtistController : ControllerBase
|
public class ArtistController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
private readonly ILogger<ArtistController> _logger;
|
private readonly ILogger<ArtistController> _logger;
|
||||||
private string _connectionString;
|
private string _connectionString;
|
||||||
private IConfiguration _config;
|
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
@@ -40,9 +37,13 @@ namespace Icarus.Controllers.V1
|
|||||||
|
|
||||||
#region HTTP Routes
|
#region HTTP Routes
|
||||||
[HttpGet]
|
[HttpGet]
|
||||||
[Authorize("read:artists")]
|
|
||||||
public IActionResult Get()
|
public IActionResult Get()
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("read:artists"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var artistContext = new ArtistContext(_connectionString);
|
var artistContext = new ArtistContext(_connectionString);
|
||||||
|
|
||||||
var artists = artistContext.Artists.ToList();
|
var artists = artistContext.Artists.ToList();
|
||||||
@@ -54,9 +55,13 @@ namespace Icarus.Controllers.V1
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
[Authorize("read:artists")]
|
|
||||||
public IActionResult Get(int id)
|
public IActionResult Get(int id)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("read:artists"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
Artist artist = new Artist
|
Artist artist = new Artist
|
||||||
{
|
{
|
||||||
ArtistID = id
|
ArtistID = id
|
||||||
|
|||||||
@@ -0,0 +1,49 @@
|
|||||||
|
using System;
|
||||||
|
using System.Linq;
|
||||||
|
|
||||||
|
using Microsoft.AspNetCore.Mvc;
|
||||||
|
using Microsoft.Extensions.Configuration;
|
||||||
|
|
||||||
|
using Icarus.Controllers.Managers;
|
||||||
|
|
||||||
|
|
||||||
|
namespace Icarus.Controllers.V1
|
||||||
|
{
|
||||||
|
public class BaseController : ControllerBase
|
||||||
|
{
|
||||||
|
#region Fiends
|
||||||
|
protected IConfiguration _config;
|
||||||
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
|
#region Methods
|
||||||
|
protected string ParseBearerTokenFromHeader()
|
||||||
|
{
|
||||||
|
var token = string.Empty;
|
||||||
|
const string tokenType = "Bearer";
|
||||||
|
const string otherTokenType = "Jwt";
|
||||||
|
|
||||||
|
var req = Request;
|
||||||
|
var auth = req.Headers.Authorization;
|
||||||
|
var val = auth.ToString();
|
||||||
|
|
||||||
|
if ((val.Contains(tokenType) || val.Contains(otherTokenType)) && val.Split(" ").Count() > 1)
|
||||||
|
{
|
||||||
|
var split = val.Split(" ");
|
||||||
|
token = split[1];
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
return token;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected bool IsTokenValid(string scope)
|
||||||
|
{
|
||||||
|
var token = ParseBearerTokenFromHeader();
|
||||||
|
var tokMgr = new TokenManager(_config);
|
||||||
|
|
||||||
|
return tokMgr.IsTokenValid(scope, token);
|
||||||
|
}
|
||||||
|
#endregion
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -1,6 +1,4 @@
|
|||||||
using System;
|
using System;
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.IO;
|
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
|
||||||
@@ -17,12 +15,11 @@ namespace Icarus.Controllers.V1
|
|||||||
{
|
{
|
||||||
[Route("api/v1/coverart")]
|
[Route("api/v1/coverart")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
public class CoverArtController : ControllerBase
|
public class CoverArtController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
private readonly ILogger<CoverArtController> _logger;
|
private readonly ILogger<CoverArtController> _logger;
|
||||||
private string _connectionString;
|
private string _connectionString;
|
||||||
private IConfiguration _config;
|
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
@@ -39,6 +36,11 @@ namespace Icarus.Controllers.V1
|
|||||||
#region HTTP Routes
|
#region HTTP Routes
|
||||||
public IActionResult Get()
|
public IActionResult Get()
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("read:songs"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var coverArtContext = new CoverArtContext(_connectionString);
|
var coverArtContext = new CoverArtContext(_connectionString);
|
||||||
|
|
||||||
var coverArtRecords = coverArtContext.CoverArtImages.ToList();
|
var coverArtRecords = coverArtContext.CoverArtImages.ToList();
|
||||||
@@ -56,9 +58,13 @@ namespace Icarus.Controllers.V1
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
[Authorize("download:cover_art")]
|
|
||||||
public async Task<IActionResult> Get(int id)
|
public async Task<IActionResult> Get(int id)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("download:cover_art"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var coverArt = new CoverArt { CoverArtID = id };
|
var coverArt = new CoverArt { CoverArtID = id };
|
||||||
|
|
||||||
var coverArtContext = new CoverArtContext(_connectionString);
|
var coverArtContext = new CoverArtContext(_connectionString);
|
||||||
|
|||||||
@@ -14,12 +14,11 @@ namespace Icarus.Controllers.V1
|
|||||||
{
|
{
|
||||||
[Route("api/v1/genre")]
|
[Route("api/v1/genre")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
public class GenreController : ControllerBase
|
public class GenreController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
private readonly ILogger<GenreController> _logger;
|
private readonly ILogger<GenreController> _logger;
|
||||||
private string _connectionString;
|
private string _connectionString;
|
||||||
private IConfiguration _config;
|
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
@@ -39,9 +38,13 @@ namespace Icarus.Controllers.V1
|
|||||||
|
|
||||||
#region HTTP Routes
|
#region HTTP Routes
|
||||||
[HttpGet]
|
[HttpGet]
|
||||||
[Authorize("read:genre")]
|
|
||||||
public IActionResult Get()
|
public IActionResult Get()
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("read:genre"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var genres = new List<Genre>();
|
var genres = new List<Genre>();
|
||||||
|
|
||||||
var genreStore = new GenreContext(_connectionString);
|
var genreStore = new GenreContext(_connectionString);
|
||||||
@@ -55,9 +58,13 @@ namespace Icarus.Controllers.V1
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
[Authorize("read:genre")]
|
|
||||||
public IActionResult Get(int id)
|
public IActionResult Get(int id)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("read:genre"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var genre = new Genre
|
var genre = new Genre
|
||||||
{
|
{
|
||||||
GenreID = id
|
GenreID = id
|
||||||
|
|||||||
@@ -19,11 +19,10 @@ namespace Icarus.Controllers.V1
|
|||||||
{
|
{
|
||||||
[Route("api/v1/song/compressed/data")]
|
[Route("api/v1/song/compressed/data")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
public class SongCompressedDataController : ControllerBase
|
public class SongCompressedDataController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
private string _connectionString;
|
private string _connectionString;
|
||||||
private IConfiguration _config;
|
|
||||||
private string _songTempDir;
|
private string _songTempDir;
|
||||||
private string _archiveDir;
|
private string _archiveDir;
|
||||||
#endregion
|
#endregion
|
||||||
@@ -46,9 +45,13 @@ namespace Icarus.Controllers.V1
|
|||||||
|
|
||||||
#region API Routes
|
#region API Routes
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
[Authorize("download:songs")]
|
|
||||||
public async Task<IActionResult> Get(int id)
|
public async Task<IActionResult> Get(int id)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("download:songs"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var context = new SongContext(_connectionString);
|
var context = new SongContext(_connectionString);
|
||||||
|
|
||||||
SongCompression cmp = new SongCompression(_archiveDir);
|
SongCompression cmp = new SongCompression(_archiveDir);
|
||||||
|
|||||||
@@ -18,12 +18,11 @@ namespace Icarus.Controllers.V1
|
|||||||
{
|
{
|
||||||
[Route("api/v1/song")]
|
[Route("api/v1/song")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
public class SongController : ControllerBase
|
public class SongController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
private readonly ILogger<SongController> _logger;
|
private readonly ILogger<SongController> _logger;
|
||||||
private string _connectionString;
|
private string _connectionString;
|
||||||
private IConfiguration _config;
|
|
||||||
private SongManager _songMgr;
|
private SongManager _songMgr;
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
@@ -44,35 +43,13 @@ namespace Icarus.Controllers.V1
|
|||||||
|
|
||||||
|
|
||||||
#region Methods
|
#region Methods
|
||||||
private string ParseBearerTokenFromHeader()
|
|
||||||
{
|
|
||||||
var token = string.Empty;
|
|
||||||
const string tokenType = "Bearer";
|
|
||||||
|
|
||||||
var req = Request;
|
|
||||||
var auth = req.Headers.Authorization;
|
|
||||||
var val = auth.ToString();
|
|
||||||
|
|
||||||
if (val.Contains(tokenType) && val.Split(" ").Count() > 1)
|
|
||||||
{
|
|
||||||
var split = val.Split(" ");
|
|
||||||
token = split[1];
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
return token;
|
|
||||||
}
|
|
||||||
#region HTTP Endpoints
|
#region HTTP Endpoints
|
||||||
|
|
||||||
|
|
||||||
[HttpGet]
|
[HttpGet]
|
||||||
// [Authorize("read:song_details")]
|
|
||||||
public IActionResult Get()
|
public IActionResult Get()
|
||||||
{
|
{
|
||||||
var token = ParseBearerTokenFromHeader();
|
if (!IsTokenValid("read:song_details"))
|
||||||
var tokMgr = new TokenManager(_config);
|
|
||||||
|
|
||||||
if (!tokMgr.IsTokenValid("read:song_details", token))
|
|
||||||
{
|
{
|
||||||
return StatusCode(401, "Not allowed");
|
return StatusCode(401, "Not allowed");
|
||||||
}
|
}
|
||||||
@@ -92,9 +69,13 @@ namespace Icarus.Controllers.V1
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
[Authorize("read:song_details")]
|
|
||||||
public IActionResult Get(int id)
|
public IActionResult Get(int id)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("read:song_details"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var context = new SongContext(_connectionString);
|
var context = new SongContext(_connectionString);
|
||||||
|
|
||||||
Song song = new Song { SongID = id };
|
Song song = new Song { SongID = id };
|
||||||
@@ -108,10 +89,14 @@ namespace Icarus.Controllers.V1
|
|||||||
return NotFound();
|
return NotFound();
|
||||||
}
|
}
|
||||||
|
|
||||||
[Authorize("update:songs")]
|
|
||||||
[HttpPut("{id}")]
|
[HttpPut("{id}")]
|
||||||
public IActionResult Put(int id, [FromBody] Song song)
|
public IActionResult Put(int id, [FromBody] Song song)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("update:songs"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var context = new SongContext(_connectionString);
|
var context = new SongContext(_connectionString);
|
||||||
|
|
||||||
song.SongID = id;
|
song.SongID = id;
|
||||||
|
|||||||
@@ -20,11 +20,10 @@ namespace Icarus.Controllers.V1
|
|||||||
{
|
{
|
||||||
[Route("api/v1/song/data")]
|
[Route("api/v1/song/data")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
public class SongDataController : ControllerBase
|
public class SongDataController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
private string _connectionString;
|
private string _connectionString;
|
||||||
private IConfiguration _config;
|
|
||||||
private ILogger<SongDataController> _logger;
|
private ILogger<SongDataController> _logger;
|
||||||
private SongManager _songMgr;
|
private SongManager _songMgr;
|
||||||
private string _songTempDir;
|
private string _songTempDir;
|
||||||
@@ -47,33 +46,15 @@ namespace Icarus.Controllers.V1
|
|||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
private string ParseBearerTokenFromHeader()
|
|
||||||
{
|
|
||||||
var token = string.Empty;
|
|
||||||
const string tokenType = "Bearer";
|
|
||||||
const string otherTokenType = "Jwt";
|
|
||||||
|
|
||||||
var req = Request;
|
|
||||||
var auth = req.Headers.Authorization;
|
|
||||||
var val = auth.ToString();
|
|
||||||
|
|
||||||
if (val.Contains(tokenType) && val.Split(" ").Count() > 1 ||
|
|
||||||
val.Contains(otherTokenType) && val.Split(" ").Count() > 1)
|
|
||||||
{
|
|
||||||
var split = val.Split(" ");
|
|
||||||
token = split[1];
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
return token;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
[HttpGet("download/{id}")]
|
[HttpGet("download/{id}")]
|
||||||
[Route("private-scoped")]
|
[Route("private-scoped")]
|
||||||
[Authorize("download:songs")]
|
|
||||||
public async Task<IActionResult> Get(int id)
|
public async Task<IActionResult> Get(int id)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("download:songs"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var songContext = new SongContext(_connectionString);
|
var songContext = new SongContext(_connectionString);
|
||||||
var songMetaData = songContext.RetrieveRecord(new Song { SongID = id});
|
var songMetaData = songContext.RetrieveRecord(new Song { SongID = id});
|
||||||
|
|
||||||
@@ -96,13 +77,9 @@ namespace Icarus.Controllers.V1
|
|||||||
//
|
//
|
||||||
[HttpPost("upload"), DisableRequestSizeLimit]
|
[HttpPost("upload"), DisableRequestSizeLimit]
|
||||||
[Route("private-scoped")]
|
[Route("private-scoped")]
|
||||||
// [Authorize("upload:songs")]
|
|
||||||
public IActionResult Post([FromForm(Name = "file")] List<IFormFile> songData)
|
public IActionResult Post([FromForm(Name = "file")] List<IFormFile> songData)
|
||||||
{
|
{
|
||||||
var token = ParseBearerTokenFromHeader();
|
if (!IsTokenValid("upload:songs"))
|
||||||
var tokMgr = new TokenManager(_config);
|
|
||||||
|
|
||||||
if (!tokMgr.IsTokenValid("upload:songs", token))
|
|
||||||
{
|
{
|
||||||
return StatusCode(401, "Not allowed");
|
return StatusCode(401, "Not allowed");
|
||||||
}
|
}
|
||||||
@@ -142,13 +119,9 @@ namespace Icarus.Controllers.V1
|
|||||||
//
|
//
|
||||||
[HttpPost("upload/with/data")]
|
[HttpPost("upload/with/data")]
|
||||||
[Route("private-scoped")]
|
[Route("private-scoped")]
|
||||||
// [Authorize("upload:songs")]
|
|
||||||
public IActionResult Post ([FromForm] UploadSongWithDataForm up)
|
public IActionResult Post ([FromForm] UploadSongWithDataForm up)
|
||||||
{
|
{
|
||||||
var token = ParseBearerTokenFromHeader();
|
if (!IsTokenValid("upload:songs"))
|
||||||
var tokMgr = new TokenManager(_config);
|
|
||||||
|
|
||||||
if (!tokMgr.IsTokenValid("upload:songs", token))
|
|
||||||
{
|
{
|
||||||
return StatusCode(401, "Not allowed");
|
return StatusCode(401, "Not allowed");
|
||||||
}
|
}
|
||||||
@@ -172,9 +145,13 @@ namespace Icarus.Controllers.V1
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpDelete("delete/{id}")]
|
[HttpDelete("delete/{id}")]
|
||||||
[Authorize("delete:songs")]
|
|
||||||
public IActionResult Delete(int id)
|
public IActionResult Delete(int id)
|
||||||
{
|
{
|
||||||
|
if (!IsTokenValid("delete:songs"))
|
||||||
|
{
|
||||||
|
return StatusCode(401, "Not allowed");
|
||||||
|
}
|
||||||
|
|
||||||
var songContext = new SongContext(_connectionString);
|
var songContext = new SongContext(_connectionString);
|
||||||
|
|
||||||
var songMetaData = new Song{ SongID = id };
|
var songMetaData = new Song{ SongID = id };
|
||||||
|
|||||||
@@ -20,12 +20,11 @@ namespace Icarus.Controllers.V1
|
|||||||
{
|
{
|
||||||
[Route("api/v1/song/stream")]
|
[Route("api/v1/song/stream")]
|
||||||
[ApiController]
|
[ApiController]
|
||||||
public class SongStreamController : ControllerBase
|
public class SongStreamController : BaseController
|
||||||
{
|
{
|
||||||
#region Fields
|
#region Fields
|
||||||
private ILogger<SongStreamController> _logger;
|
private ILogger<SongStreamController> _logger;
|
||||||
private string _connectionString;
|
private string _connectionString;
|
||||||
private IConfiguration _config;
|
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
@@ -43,39 +42,14 @@ namespace Icarus.Controllers.V1
|
|||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
private string ParseBearerTokenFromHeader()
|
|
||||||
{
|
|
||||||
var token = string.Empty;
|
|
||||||
const string tokenType = "Bearer";
|
|
||||||
|
|
||||||
var req = Request;
|
|
||||||
var auth = req.Headers.Authorization;
|
|
||||||
var val = auth.ToString();
|
|
||||||
|
|
||||||
if (val.Contains(tokenType) && val.Split(" ").Count() > 1)
|
|
||||||
{
|
|
||||||
var split = val.Split(" ");
|
|
||||||
token = split[1];
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
return token;
|
|
||||||
}
|
|
||||||
|
|
||||||
#region HTTP endpoints
|
#region HTTP endpoints
|
||||||
[HttpGet("{id}")]
|
[HttpGet("{id}")]
|
||||||
// [Authorize("stream:songs")]
|
|
||||||
public async Task<IActionResult> Get(int id)
|
public async Task<IActionResult> Get(int id)
|
||||||
{
|
{
|
||||||
var token = ParseBearerTokenFromHeader();
|
if (!IsTokenValid("stream:songs"))
|
||||||
var tokMgr = new TokenManager(_config);
|
|
||||||
|
|
||||||
/**
|
|
||||||
if (!tokMgr.IsTokenValid("stream:songs", token))
|
|
||||||
{
|
{
|
||||||
return StatusCode(401, "Not allowed");
|
return StatusCode(401, "Not allowed");
|
||||||
}
|
}
|
||||||
*/
|
|
||||||
|
|
||||||
var context = new SongContext(_config.GetConnectionString("DefaultConnection"));
|
var context = new SongContext(_config.GetConnectionString("DefaultConnection"));
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user