From fb6e119a34643db91ef78d8abeaecfa94c3da4eb Mon Sep 17 00:00:00 2001
From: Polianin Nikita <nikitkapolyanin@yandex.ru>
Date: Tue, 28 May 2024 07:14:17 +0300
Subject: [PATCH] feat: add token for setup controllers

---
 .../TokenAuthenticationAttribute.cs           | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 Endpoint/Common/Attributes/TokenAuthenticationAttribute.cs

diff --git a/Endpoint/Common/Attributes/TokenAuthenticationAttribute.cs b/Endpoint/Common/Attributes/TokenAuthenticationAttribute.cs
new file mode 100644
index 0000000..81812bf
--- /dev/null
+++ b/Endpoint/Common/Attributes/TokenAuthenticationAttribute.cs
@@ -0,0 +1,27 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.Extensions.DependencyInjection;
+using Mirea.Api.Endpoint.Common.Interfaces;
+using System;
+
+namespace Mirea.Api.Endpoint.Common.Attributes;
+
+[AttributeUsage(AttributeTargets.Method)]
+public class TokenAuthenticationAttribute : Attribute, IActionFilter
+{
+    public void OnActionExecuting(ActionExecutingContext context)
+    {
+        var setupToken = context.HttpContext.RequestServices.GetRequiredService<ISetupToken>();
+        if (!context.HttpContext.Request.Cookies.TryGetValue("AuthToken", out string? tokenFromCookie))
+        {
+            context.Result = new UnauthorizedResult();
+            return;
+        }
+
+        if (setupToken.MatchToken(Convert.FromBase64String(tokenFromCookie))) return;
+
+        context.Result = new UnauthorizedResult();
+    }
+
+    public void OnActionExecuted(ActionExecutedContext context) { }
+}
\ No newline at end of file