Skip to content

Commit

Permalink
Merge branch 'main' into pse/add-event-hub-transport
Browse files Browse the repository at this point in the history
  • Loading branch information
PascalSenn committed Jun 12, 2024
2 parents 2f6295b + 1436740 commit ecdbd00
Showing 1 changed file with 22 additions and 16 deletions.
38 changes: 22 additions & 16 deletions src/Server/src/AspNet/Security/EnsureAuthenticatedMiddleware.cs
Original file line number Diff line number Diff line change
Expand Up @@ -30,32 +30,38 @@ public async Task InvokeAsync(HttpContext context)

return;
}
else

if (context.Request.Path.StartsWithSegments("/api")
|| context.Request.Path.StartsWithSegments("/graphql")
|| context.Request.Path.StartsWithSegments("/signalR")
|| context.Request.Path.StartsWithSegments("/error"))
{
if (context.Request.Path.StartsWithSegments("/api")
|| context.Request.Path.StartsWithSegments("/graphql")
|| context.Request.Path.StartsWithSegments("/signalR")
|| context.Request.Path.StartsWithSegments("/error"))
if (HasIdOpsRole(context))
{
if (HasIdOpsRole(context))
{
await _next(context);
}
else
{
context.Response.StatusCode = 403;
await context.Response.WriteAsync("Access denied!");
}
await _next(context);
}
else if (!context.User.Identity.IsAuthenticated)
else
{
context.Response.StatusCode = 403;
await context.Response.WriteAsync("Access denied!");
}
}
else if (!context.User.Identity.IsAuthenticated)
{
if (context.Request.Path == "/")
{
await context.ChallengeAsync();
}
else
{
await _next(context);
context.Response.StatusCode = 403;
await context.Response.WriteAsync("Access denied!");
}
}
else
{
await _next(context);
}
}

private bool HasIdOpsRole(HttpContext context)
Expand Down

0 comments on commit ecdbd00

Please sign in to comment.