feat: add middleware for revocated tokens
This commit is contained in:
parent
21866d54cb
commit
a5f9e67647
23
Endpoint/Middleware/JwtRevocationMiddleware.cs
Normal file
23
Endpoint/Middleware/JwtRevocationMiddleware.cs
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
using Mirea.Api.Security.Common.Interfaces;
|
||||||
|
using System.Threading.Tasks;
|
||||||
|
|
||||||
|
namespace Mirea.Api.Endpoint.Middleware;
|
||||||
|
|
||||||
|
public class JwtRevocationMiddleware(RequestDelegate next)
|
||||||
|
{
|
||||||
|
public async Task Invoke(HttpContext context, IRevokedToken revokedTokenStore)
|
||||||
|
{
|
||||||
|
if (context.Request.Headers.ContainsKey("Authorization"))
|
||||||
|
{
|
||||||
|
var token = context.Request.Headers.Authorization.ToString().Replace("Bearer ", "");
|
||||||
|
if (await revokedTokenStore.IsTokenRevokedAsync(token))
|
||||||
|
{
|
||||||
|
context.Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
await next(context);
|
||||||
|
}
|
||||||
|
}
|
@ -95,6 +95,7 @@ public class Program
|
|||||||
|
|
||||||
app.UseMiddleware<MaintenanceModeMiddleware>();
|
app.UseMiddleware<MaintenanceModeMiddleware>();
|
||||||
app.UseMiddleware<CustomExceptionHandlerMiddleware>();
|
app.UseMiddleware<CustomExceptionHandlerMiddleware>();
|
||||||
|
app.UseMiddleware<JwtRevocationMiddleware>();
|
||||||
|
|
||||||
app.UseHttpsRedirection();
|
app.UseHttpsRedirection();
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user