AppStd/DigitalData.UserManager
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(AuthController): aktualisiert, um zu prüfen, ob der eingeloggte Benutzer in der erlaubten Gruppe in appsettings ist.

Browse Source
This commit is contained in:
Developer 02
2024-10-31 14:44:39 +01:00
parent 1be71a42e5
commit 671500b3a5
10 changed files with 21 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
DigitalData.UserManager.API/Controllers/AuthController.cs
View File

@@ -21,15 +21,16 @@ namespace DigitalData.UserManager.API.Controllers
private readonly IDirectorySearchService _dirSearchService;
private readonly IStringLocalizer<Resource> _localizer;
private readonly ILogger<AuthController> _logger;
public AuthController(IUserService userService, IGroupOfUserService gouService, IDirectorySearchService directorySearchService, IStringLocalizer<Resource> localizer, ILogger<AuthController> logger)
private readonly IConfiguration _config;
public AuthController(IUserService userService, IGroupOfUserService gouService, IDirectorySearchService directorySearchService, IStringLocalizer<Resource> localizer, ILogger<AuthController> logger, IConfiguration configuration)
{
_userService = userService;
_gouService = gouService;
_dirSearchService = directorySearchService;
_localizer = localizer;
_logger = logger;
}
_config = configuration;
}
[AllowAnonymous]
[HttpGet("check")]
@@ -57,10 +58,13 @@ namespace DigitalData.UserManager.API.Controllers
if (!isValid)
return Unauthorized(Result.Fail().Message(_localizer[Key.UserNotFound]));
var gouMsg = await _gouService.HasGroup(login.Username, "PM_USER", caseSensitive: false);
var allowedGroupName = _config.GetSection("AllowedGroupName").Get<string>()
?? throw new InvalidOperationException("Allowed group names configuration is missing.");
var gouMsg = await _gouService.HasGroup(login.Username, allowedGroupName, caseSensitive: false);
if (!gouMsg.IsSuccess)
return Unauthorized(Result.Fail().Message(_localizer[Key.UnauthorizedUser]));
//find the user
var uRes = await _userService.ReadByUsernameAsync(login.Username);
if (!uRes.IsSuccess || uRes.Data is null)