510k/IRaCIS.Core.Application/Middleware/AuthenticationMiddleware.cs


using Microsoft.AspNetCore.Http;
using System.Threading.Tasks;
using IRaCIS.Core.Domain.Share;
using IRaCIS.Application.Contracts;
using Dicom.IO;
using IRaCIS.Core.Infrastructure;
using Newtonsoft.Json;
namespace IRaCIS.Core.API.Middleware
{
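/// <summary>
/// Pipeline middleware that checks the caller's user type against the
/// menu/API-path table before forwarding the request. A request whose path is
/// mapped to some user types but not to the caller's user type is answered with
/// a JSON "not OK" body and the pipeline is short-circuited; every other
/// request is passed on unchanged.
/// </summary>
public class AuthenticationMiddleware
{
    private readonly RequestDelegate _next;
    private readonly IRepository<UserTypeMenu> _userTypeMenuRepository;
    private readonly IUserInfo _userInfo;

    /// <summary>
    /// Creates the middleware.
    /// </summary>
    /// <param name="next">The remainder of the request pipeline.</param>
    /// <param name="userTypeMenuTypeRepository">Source of the (user type, menu API path) pairs.</param>
    /// <param name="userInfo">Per-request caller information (user type and requested URL).</param>
    public AuthenticationMiddleware(RequestDelegate next,
        IRepository<UserTypeMenu> userTypeMenuTypeRepository,
        IUserInfo userInfo)
    {
        _next = next;
        _userTypeMenuRepository = userTypeMenuTypeRepository;
        _userInfo = userInfo;
    }

    /// <summary>
    /// Forwards the request when the caller is permitted to reach the path;
    /// otherwise writes the denial response and stops the pipeline.
    /// </summary>
    /// <param name="context">The current HTTP context.</param>
    public async Task InvokeAsync(HttpContext context)
    {
        if (await IsValidRequest(context))
        {
            await _next(context);
            return;
        }

        await WriteDeniedResponseAsync(context);
    }

    /// <summary>
    /// Writes the JSON "permission denied" body and flushes it. The previous
    /// version also echoed the body to the console and closed the response
    /// stream; both were dropped: console output bypasses the logging pipeline,
    /// and the host owns the response stream and disposes it itself when the
    /// pipeline completes.
    /// </summary>
    /// <param name="context">The current HTTP context.</param>
    private static async Task WriteDeniedResponseAsync(HttpContext context)
    {
        // NOTE(review): 409 Conflict is kept because existing clients may match on it;
        // 403 Forbidden is the conventional status for an authorization failure.
        context.Response.StatusCode = StatusCodes.Status409Conflict;
        context.Response.ContentType = "application/json";
        var msg = JsonConvert.SerializeObject(ResponseOutput.NotOk("Access was denied due to lack of permission"));
        await context.Response.WriteAsync(msg);
        await context.Response.Body.FlushAsync();
    }

    /// <summary>
    /// Decides whether the current caller may reach the requested path.
    /// Returns <c>false</c> only when the path appears in the menu table for
    /// some user type but not for the caller's; a caller whose
    /// <c>UserTypeEnumInt</c> is 0 (presumably no resolved user type) and a
    /// path that is not listed at all are both allowed through, so the default
    /// of this check is "allow".
    /// </summary>
    /// <param name="context">The current HTTP context (unused; the URL comes from <see cref="IUserInfo"/>).</param>
    /// <returns><c>true</c> when the request may continue down the pipeline.</returns>
    private async Task<bool> IsValidRequest(HttpContext context)
    {
        await EnsureMenuActionListLoadedAsync();

        // A user type of 0 is not subject to the menu table at all (kept from the original logic).
        if (_userInfo.UserTypeEnumInt == 0)
        {
            return true;
        }

        // ToLowerInvariant: ToLower() is culture-sensitive and can fold characters
        // differently depending on the server locale (e.g. Turkish 'I'), which would
        // make the match below depend on deployment settings. A null URL is treated
        // as empty instead of throwing.
        var url = (_userInfo.RequestUrl ?? string.Empty).ToLowerInvariant();
        return IsPathPermitted(url, _userInfo.UserTypeEnumInt);
    }

    /// <summary>
    /// Loads the (user type, API path) pairs into the static
    /// <c>Jurisdiction</c> cache on first use. The cache is never refreshed, so
    /// menu changes made in the database take effect only after a restart.
    /// Concurrent first requests may each run the query; they all assign an
    /// equivalent list, so the race is redundant work rather than a correctness
    /// problem.
    /// </summary>
    private async Task EnsureMenuActionListLoadedAsync()
    {
        if (Jurisdiction.IsSearch)
        {
            return;
        }

        var apiPathList = await _userTypeMenuRepository
            .Where(x => x.Menu.ApiPath != null && x.Menu.ApiPath != string.Empty)
            .Select(x => new MenuApi()
            {
                UserTypeEnum = (int)x.UserType.UserTypeEnum,
                ApiPath = x.Menu.ApiPath,
            })
            .ToListAsync();

        Jurisdiction.MenuActionList = apiPathList
            .Select(x => new MenuApi()
            {
                UserTypeEnum = x.UserTypeEnum,
                ApiPath = x.ApiPath.ToLowerInvariant(),
            })
            .ToList();

        // Set the flag only after the list is in place so that a reader that sees
        // IsSearch == true never observes an unpopulated list.
        Jurisdiction.IsSearch = true;
    }

    /// <summary>
    /// <c>true</c> unless the path is known to the menu table yet not mapped to
    /// <paramref name="userType"/>. Matching is substring-based (the menu path
    /// contains the request path), as in the original; note that a request path
    /// which happens to be a substring of an unrelated menu path is treated as
    /// that entry, so an exact or prefix match would be stricter.
    /// </summary>
    /// <param name="url">Lower-cased request URL.</param>
    /// <param name="userType">The caller's user type (non-zero).</param>
    private static bool IsPathPermitted(string url, int userType)
    {
        // string.Contains(string) is an ordinal comparison; both sides are already lower-cased.
        var matches = Jurisdiction.MenuActionList
            .Where(x => x.ApiPath.Contains(url))
            .ToList();

        // Path not listed anywhere: nothing to enforce, allow through.
        if (matches.Count == 0)
        {
            return true;
        }

        return matches.Any(x => x.UserTypeEnum == userType);
    }
}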
}