From 1d482a4ec2cf24dbe7cc6cb02e192e1b9545f796 Mon Sep 17 00:00:00 2001
From: ivarlovlie <git@ivarlovlie.no>
Date: Mon, 14 Feb 2022 19:02:54 +0100
Subject: feat: Experiment with tailwind

---
 .../Utilities/BasicAuthenticationAttribute.cs      | 39 ++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 src/server/Utilities/BasicAuthenticationAttribute.cs

(limited to 'src/server/Utilities/BasicAuthenticationAttribute.cs')

diff --git a/src/server/Utilities/BasicAuthenticationAttribute.cs b/src/server/Utilities/BasicAuthenticationAttribute.cs
new file mode 100644
index 0000000..81467cd
--- /dev/null
+++ b/src/server/Utilities/BasicAuthenticationAttribute.cs
@@ -0,0 +1,39 @@
+using System.Net.Http.Headers;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace IOL.BookmarkThing.Server.Utilities;
+
+public class BasicAuthenticationAttribute : TypeFilterAttribute
+{
+	public BasicAuthenticationAttribute(string claimPermission) : base(typeof(BasicAuthenticationFilter)) {
+		Arguments = new object[] {
+				new Claim(claimPermission, "True")
+		};
+	}
+}
+
+public class BasicAuthenticationFilter : IAuthorizationFilter
+{
+	private readonly Claim _claim;
+
+	public BasicAuthenticationFilter(Claim claim) {
+		_claim = claim;
+	}
+
+	public void OnAuthorization(AuthorizationFilterContext context) {
+		if (!context.HttpContext.Request.Headers.ContainsKey("Authorization")) return;
+		try {
+			var authHeader = AuthenticationHeaderValue.Parse(context.HttpContext.Request.Headers["Authorization"]);
+			if (authHeader.Parameter is null) {
+				context.Result = new ForbidResult(AppConstants.BASIC_AUTH_SCHEME);
+			}
+
+			var hasClaim = context.HttpContext.User.Claims.Any(c => c.Type == _claim.Type && c.Value == _claim.Value);
+			if (!hasClaim) {
+				context.Result = new ForbidResult(AppConstants.BASIC_AUTH_SCHEME);
+			}
+		} catch {
+			// ignore
+		}
+	}
+}
-- 
cgit v1.3