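// // Validates the Kratos session (cookie or bearer token) and attaches the identity to HttpContext.Items.
// // NOTE(review): every line of this class is commented out, so as shown it enforces nothing; confirm authentication is applied elsewhere in the pipeline.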
// public class KratosAuthMiddleware
// {
// private readonly RequestDelegate _next;
// public KratosAuthMiddleware(RequestDelegate next) => _next = next;
// public async Task InvokeAsync(HttpContext context, KratosIntegration kratos)
// {
// var cookie = context.Request.Headers["Cookie"].ToString();
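// // NOTE(review): Replace("Bearer ", "") is case-sensitive and removes the text wherever it occurs, so "bearer x" or "Basic x" is forwarded unchanged as the token; parse the scheme (e.g. AuthenticationHeaderValue.TryParse) and forward the parameter only when the scheme is Bearer.
// var bearer = context.Request.Headers["Authorization"].ToString().Replace("Bearer ", "");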
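// // NOTE(review): assumes ValidateSessionAsync returns null for missing, expired or inactive sessions and does not throw on upstream errors — confirm, since any non-null result is treated as authenticated.
// var session = await kratos.ValidateSessionAsync(cookie, bearer);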
// if (session == null)
// {
// context.Response.StatusCode = StatusCodes.Status401Unauthorized;
// await context.Response.WriteAsync("Unauthorized");
// return;
// }
// // attach identity to HttpContext
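// // NOTE(review): the identity is stored only in HttpContext.Items; [Authorize] and HttpContext.User do not read it, so downstream code must check Items["user"] itself or this should populate HttpContext.User with a ClaimsPrincipal.
// context.Items["user"] = session.Identity;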
// await _next(context);
// }
// }