Diffstat (limited to 'BackEnd/Timeline/Controllers/MyControllerBase.cs')
-rw-r--r-- | BackEnd/Timeline/Controllers/MyControllerBase.cs | 33 |
1 files changed, 21 insertions, 12 deletions
diff --git a/BackEnd/Timeline/Controllers/MyControllerBase.cs b/BackEnd/Timeline/Controllers/MyControllerBase.cs
index d4ee9d3e..b74193f4 100644
--- a/BackEnd/Timeline/Controllers/MyControllerBase.cs
+++ b/BackEnd/Timeline/Controllers/MyControllerBase.cs
@@ -1,8 +1,11 @@
 using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.DependencyInjection;
 using System;
+using System.Threading.Tasks;
 using Timeline.Auth;
using Timeline.Models.Http;
+using Timeline.Services;
 using Timeline.Services.User;
namespace Timeline.Controllers
@@ -15,24 +18,30 @@ namespace Timeline.Controllers
 return User.HasPermission(permission);
}
- protected string? GetOptionalUsername()
+ protected long? GetOptionalAuthUserId()
{
- return User.GetOptionalName();
- }
-
- protected string GetUsername()
- {
- return GetOptionalUsername() ?? throw new InvalidOperationException(Resource.ExceptionNoUsername);
+ return User.GetOptionalUserId();
}
- protected long? GetOptionalUserId()
+ protected long GetAuthUserId()
{
- return User.GetOptionalUserId();
+ return GetOptionalAuthUserId() ?? throw new InvalidOperationException(Resource.ExceptionNoUserId);
}
- protected long GetUserId()
- {
- return GetOptionalUserId() ?? throw new InvalidOperationException(Resource.ExceptionNoUserId);
+ protected async Task<bool> CheckIsSelf(string username)
+ {
+ var authUserId = GetOptionalAuthUserId();
+ if (!authUserId.HasValue) return false;
+ try
+ {
+ var userService = HttpContext.RequestServices.GetRequiredService<IUserService>();
+ var id = await userService.GetUserIdByUsernameAsync(username);
+ return authUserId == id;
+ }
+ catch (EntityNotExistException)
+ {
+ return false;
+ }
 }
#endregion auth
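Review bot: `CheckIsSelf` is an authorization decision, but nothing on it states its contract: it returns false (deny) both when the request carries no authenticated user id and when the username does not resolve, while any exception other than `EntityNotExistException` propagates to the caller. I would put a summary on it such as `/// <summary>Returns true only when <paramref name="username"/> resolves to the authenticated user's id; unauthenticated requests and unknown usernames yield false.</summary>`, and rename it `CheckIsSelfAsync` to match the `GetUserIdByUsernameAsync` it awaits. If the user service rejects a malformed username with a different exception type (not visible in this hunk), a caller passing a request-supplied value would get an unhandled error instead of a denial, so confirm that case is validated before this helper runs or is covered by the catch.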