Add phase requirement filter for vote/results endpoints
This commit is contained in:
@@ -1,6 +1,7 @@
|
|||||||
using GameList.Data;
|
using GameList.Data;
|
||||||
using GameList.Domain;
|
using GameList.Domain;
|
||||||
using Microsoft.EntityFrameworkCore;
|
using Microsoft.EntityFrameworkCore;
|
||||||
|
using GameList.Infrastructure;
|
||||||
|
|
||||||
namespace GameList.Endpoints;
|
namespace GameList.Endpoints;
|
||||||
|
|
||||||
@@ -8,7 +9,9 @@ public static class ResultsEndpoints
|
|||||||
{
|
{
|
||||||
public static void MapResultsEndpoints(this IEndpointRouteBuilder app)
|
public static void MapResultsEndpoints(this IEndpointRouteBuilder app)
|
||||||
{
|
{
|
||||||
var group = app.MapGroup("/api/results").RequireAuthorization();
|
var group = app.MapGroup("/api/results")
|
||||||
|
.RequireAuthorization()
|
||||||
|
.AddEndpointFilter(new PhaseRequirementFilter(Phase.Results));
|
||||||
|
|
||||||
group.MapGet(
|
group.MapGet(
|
||||||
"/",
|
"/",
|
||||||
|
|||||||
@@ -3,6 +3,7 @@ using GameList.Data;
|
|||||||
using GameList.Domain;
|
using GameList.Domain;
|
||||||
using Microsoft.AspNetCore.Mvc;
|
using Microsoft.AspNetCore.Mvc;
|
||||||
using Microsoft.EntityFrameworkCore;
|
using Microsoft.EntityFrameworkCore;
|
||||||
|
using GameList.Infrastructure;
|
||||||
|
|
||||||
namespace GameList.Endpoints;
|
namespace GameList.Endpoints;
|
||||||
|
|
||||||
@@ -10,7 +11,9 @@ public static class VoteEndpoints
|
|||||||
{
|
{
|
||||||
public static void MapVoteEndpoints(this IEndpointRouteBuilder app)
|
public static void MapVoteEndpoints(this IEndpointRouteBuilder app)
|
||||||
{
|
{
|
||||||
var group = app.MapGroup("/api/votes").RequireAuthorization();
|
var group = app.MapGroup("/api/votes")
|
||||||
|
.RequireAuthorization()
|
||||||
|
.AddEndpointFilter(new PhaseRequirementFilter(Phase.Vote));
|
||||||
|
|
||||||
group.MapGet("/mine", async (HttpContext ctx, AppDbContext db) =>
|
group.MapGet("/mine", async (HttpContext ctx, AppDbContext db) =>
|
||||||
{
|
{
|
||||||
|
|||||||
31
Infrastructure/PhaseRequirementFilter.cs
Normal file
31
Infrastructure/PhaseRequirementFilter.cs
Normal file
@@ -0,0 +1,31 @@
|
|||||||
|
using GameList.Data;
|
||||||
|
using GameList.Domain;
|
||||||
|
using GameList.Endpoints;
|
||||||
|
|
||||||
|
namespace GameList.Infrastructure;
|
||||||
|
|
||||||
|
public class PhaseRequirementFilter : IEndpointFilter
|
||||||
|
{
|
||||||
|
private readonly Phase _required;
|
||||||
|
|
||||||
|
public PhaseRequirementFilter(Phase required)
|
||||||
|
{
|
||||||
|
_required = required;
|
||||||
|
}
|
||||||
|
|
||||||
|
public async ValueTask<object?> InvokeAsync(EndpointFilterInvocationContext context, EndpointFilterDelegate next)
|
||||||
|
{
|
||||||
|
var httpContext = context.HttpContext;
|
||||||
|
var db = httpContext.RequestServices.GetRequiredService<AppDbContext>();
|
||||||
|
var player = await EndpointHelpers.GetAuthenticatedPlayer(httpContext, db);
|
||||||
|
if (player is null) return Results.Unauthorized();
|
||||||
|
|
||||||
|
var phase = await EndpointHelpers.GetPhase(db, player.Id);
|
||||||
|
if (phase != _required)
|
||||||
|
{
|
||||||
|
return EndpointHelpers.PhaseMismatch(_required, phase);
|
||||||
|
}
|
||||||
|
|
||||||
|
return await next(context);
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user