28 lines
956 B
C#
28 lines
956 B
C#
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.AspNetCore.Mvc.Filters;
|
|
|
|
namespace TodoApi.Helpers;
|
|
|
|
public class ApiKeyCanReadAttribute : ActionFilterAttribute
|
|
{
|
|
public override void OnActionExecuting(ActionExecutingContext context)
|
|
{
|
|
// Get the required service to validate the API key
|
|
var apiKeyValidator = context.HttpContext.RequestServices.GetRequiredService<IApiKeyValidator>();
|
|
|
|
// Get the API key from the X-API-KEY header
|
|
var apiKey = context.HttpContext.Request.Headers["X-API-KEY"];
|
|
|
|
// Validate the API key using the IApiKeyValidator service
|
|
if (!apiKeyValidator.CanRead(apiKey))
|
|
{
|
|
// If the API key is invalid, set the response status code to 401 Unauthorized
|
|
context.Result = new UnauthorizedResult();
|
|
return;
|
|
}
|
|
|
|
// If the API key is valid, continue with the action execution
|
|
base.OnActionExecuting(context);
|
|
}
|
|
}
|