server/src/Endpoints/V1/BaseRoute.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

using System.Net.Http.Headers;

namespace IOL.GreatOffice.Api.Endpoints.V1;

/// <inheritdoc />
[ApiVersion(ApiSpecV1.VERSION_STRING)]
[Authorize(AuthenticationSchemes = AuthSchemes)]
[ApiController]
public class BaseRoute : ControllerBase
{
	private const string AuthSchemes = CookieAuthenticationDefaults.AuthenticationScheme + "," + AppConstants.BASIC_AUTH_SCHEME;

	/// <summary>
	/// User data for the currently logged on user.
	/// </summary>
	protected LoggedInUserModel LoggedInUser => new() {
			Username = User.FindFirstValue(AppClaims.NAME),
			Id = User.FindFirstValue(AppClaims.USER_ID).AsGuid(),
	};

	protected bool IsApiCall() {
		if (!Request.Headers.ContainsKey("Authorization")) return false;
		try {
			var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
			if (authHeader.Parameter == null) return false;
		} catch {
			return false;
		}

		return true;
	}

	protected bool HasApiPermission(string permission_key) {
		var permission_claim = User.Claims.SingleOrDefault(c => c.Type == permission_key);
		return permission_claim is {
				Value: "True"
		};
	}
}