24 lines
863 B
C#
24 lines
863 B
C#
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.AspNetCore.Mvc.Filters;
|
|
|
|
namespace Elecciones.Api.Security;
|
|
|
|
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method)]
|
|
public class ApiKeyAuthAttribute : Attribute, IAsyncActionFilter
|
|
{
|
|
private const string ApiKeyHeaderName = "X-Api-Key";
|
|
|
|
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
|
|
{
|
|
var configuration = context.HttpContext.RequestServices.GetRequiredService<IConfiguration>();
|
|
var apiKey = configuration.GetValue<string>("ApiKey");
|
|
|
|
if (!context.HttpContext.Request.Headers.TryGetValue(ApiKeyHeaderName, out var potentialApiKey) || apiKey == null || !apiKey.Equals(potentialApiKey))
|
|
{
|
|
context.Result = new UnauthorizedResult();
|
|
return;
|
|
}
|
|
|
|
await next();
|
|
}
|
|
} |