0
[HttpGet]
public IActionResult GetCategoriesWithImagesAsync()
{
    var result = _categoryService.GetCategoriesWithImagesAsync();
    return Ok(result);
}

Here I'd like to add something like Authorize, and return more data if user is logged in. Is it possible?

EDIT! I'm using JWT to check if user is logged in.

gruby
  • 116
  • 7
  • Can you be more specific? I understand both your questions but fail to get the relation between them. What are you trying to achieve? – Stefan Feb 04 '22 at 18:18
  • 2
    Btw, not sure if `Ok()` accepts a `Task` as parameter. – Stefan Feb 04 '22 at 18:19
  • You can check claims for current user or try resolving `IAuthorizationService` and implement needed stuff from there in the body of action. – Guru Stron Feb 04 '22 at 18:22
  • yeah :D my fault, incorrect method name, hah. To be more specific: if user is not logged in I want to return categories with data, if user is logged in return category without data (only header is filled). I don't want to send. I don't want to send a bool variable, I want to detect it somehow. – gruby Feb 04 '22 at 18:23
  • To detect if a user is logged in should be fairly easy. Also to see its claims/roles. For the authentication part maybe this helps. On my mobile so I cant check. https://stackoverflow.com/questions/18006283/how-to-check-if-user-is-logged-in – Stefan Feb 04 '22 at 18:27
  • from ASP.NET 5 there is no System.Web.HttpContext.Current :/ – gruby Feb 04 '22 at 18:32
  • `userManager.GetUserAsync() != null` – Pieterjan Feb 04 '22 at 18:34
  • @Pieterjan I don't get it, what do you mean? – gruby Feb 04 '22 at 18:39
  • 1
    @Stefan [HttpGet] public IActionResult GetCategoriesWithImagesAsync() { Request.HttpContext.User.Identity.IsAuthenticated var result = _categoryService.GetCategoriesWithImages(); return Ok(result); } Is it ok? – gruby Feb 04 '22 at 18:53
  • I think @Pieterjan's answer would be better – Stefan Feb 04 '22 at 19:49
  • Ah `HttpContext.User.Identity.IsAuthenticated` that's the one I was looking for... – Pieterjan Feb 04 '22 at 19:56
  • ok, but it's always false – gruby Feb 04 '22 at 20:15
  • my fault again :D I forgot to send token from angular to API, now I can detect this, thanks a lot :P – gruby Feb 05 '22 at 11:24

1 Answers1

1

The AuthorizeAttribute will always block execution of the controller method if unauthorized.

What you can do is, if you're using Identity that is, inject the UserManager and call GetUserAsync to check if the user is signed in.

[Controller]
[Route("api/V1")]
public class CategoryController : Controller
{
    private readonly UserManager<IdentityUser<Guid>> userManager;
    public CategoryController(UserManager<IdentityUser<Guid>> userManager)
    {
        this.userManager = userManager;
    }

    public async Task<IActionResult> GetCategoriesWithImagesAsync()
    {
        var user = await userManager.GetUserAsync(User);
        if (user == null)
        {
        }
        else
        {
        }
    }
}
Pieterjan
  • 2,738
  • 4
  • 28
  • 55