From 21f289ab7bb8a64ee6d5185f142f7533531aa700 Mon Sep 17 00:00:00 2001
From: PascalSenn
Date: Wed, 12 Jun 2024 11:11:31 +0200
Subject: [PATCH] Fixed authetnicat middleware

---
 .../Security/EnsureAuthenticatedMiddleware.cs | 38 +++++++++++--------
 1 file changed, 22 insertions(+), 16 deletions(-)

diff --git a/src/Server/src/AspNet/Security/EnsureAuthenticatedMiddleware.cs b/src/Server/src/AspNet/Security/EnsureAuthenticatedMiddleware.cs
index cef4275..8acfa53 100644
--- a/src/Server/src/AspNet/Security/EnsureAuthenticatedMiddleware.cs
+++ b/src/Server/src/AspNet/Security/EnsureAuthenticatedMiddleware.cs
@@ -30,32 +30,38 @@ public async Task InvokeAsync(HttpContext context)

 return;
 }
- else
+
+ if (context.Request.Path.StartsWithSegments("/api")
+ || context.Request.Path.StartsWithSegments("/graphql")
+ || context.Request.Path.StartsWithSegments("/signalR")
+ || context.Request.Path.StartsWithSegments("/error"))
 {
- if (context.Request.Path.StartsWithSegments("/api")
- || context.Request.Path.StartsWithSegments("/graphql")
- || context.Request.Path.StartsWithSegments("/signalR")
- || context.Request.Path.StartsWithSegments("/error"))
+ if (HasIdOpsRole(context))
 {
- if (HasIdOpsRole(context))
- {
- await _next(context);
- }
- else
- {
- context.Response.StatusCode = 403;
- await context.Response.WriteAsync("Access denied!");
- }
+ await _next(context);
 }
- else if (!context.User.Identity.IsAuthenticated)
+ else
+ {
+ context.Response.StatusCode = 403;
+ await context.Response.WriteAsync("Access denied!");
+ }
+ }
+ else if (!context.User.Identity.IsAuthenticated)
+ {
+ if (context.Request.Path == "/")
 {
 await context.ChallengeAsync();
 }
 else
 {
- await _next(context);
+ context.Response.StatusCode = 403;
+ await context.Response.WriteAsync("Access denied!");
 }
 }
+ else
+ {
+ await _next(context);
+ }
 }

 private bool HasIdOpsRole(HttpContext context)
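Review bot: The closing `else` forwards every authenticated request outside `/api`, `/graphql`, `/signalR` and `/error` to `_next` without calling `HasIdOpsRole`, so the role requirement holds only for endpoints that sit under those four prefixes and anything mapped elsewhere later is reachable by any signed-in identity. If the remaining paths are meant to serve only static UI, record that above the branch, e.g. `// Non-API paths serve static UI only; role-gated endpoints must live under the prefixes checked above`, or invert the logic so the role is required by default and the static paths are the explicit exception. In the `else if`, `context.User.Identity.IsAuthenticated` dereferences a property that is declared nullable; `context.User.Identity?.IsAuthenticated != true` treats a missing identity as unauthenticated instead of throwing. `InvokeAsync` begins before this hunk and the body of `HasIdOpsRole` lies after it, so what the role check actually tests is not visible here.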