Skip to content

Commit

Permalink
Merge pull request #171 from vtex-apps/feature/get-appkey-cookie
Browse files Browse the repository at this point in the history
Feature: Get  VtexIdclientAutCookie cookie
  • Loading branch information
cdcs0128 authored Apr 10, 2024
2 parents 40a7a53 + f2455b4 commit 4cd53db
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 4 deletions.
11 changes: 10 additions & 1 deletion dotnet/GraphQL/Query.cs
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,16 @@ public Query(IWishListService wishListService)
resolve: async context =>
{

Console.WriteLine("viewList");
HttpStatusCode isValidAuthUser = await wishListService.IsValidAuthUser();
if (isValidAuthUser != HttpStatusCode.OK)
{
context.Errors.Add(new ExecutionError(isValidAuthUser.ToString())
{
Code = isValidAuthUser.ToString()
});

return null;
}

string shopperId = context.GetArgument<string>("shopperId");
string name = context.GetArgument<string>("name");
Expand Down
12 changes: 9 additions & 3 deletions dotnet/Services/WishListService.cs
Original file line number Diff line number Diff line change
Expand Up @@ -307,17 +307,21 @@ public async Task<ValidatedUser> ValidateUserToken(string token)
public async Task<HttpStatusCode> IsValidAuthUser()
{

if (string.IsNullOrEmpty(_context.Vtex.StoreUserAuthToken) && string.IsNullOrEmpty(_context.Vtex.AdminUserAuthToken))
string VtexIdclientAutCookieKey = this._httpContextAccessor.HttpContext.Request.Headers["VtexIdclientAutCookie"];

if (string.IsNullOrEmpty(_context.Vtex.StoreUserAuthToken) && string.IsNullOrEmpty(_context.Vtex.AdminUserAuthToken) && string.IsNullOrEmpty(VtexIdclientAutCookieKey))
{
return HttpStatusCode.Unauthorized;
}

ValidatedUser validatedUser = null;
ValidatedUser validatedAdminUser = null;
ValidatedUser validatedKeyApp = null;

try {
validatedUser = await ValidateUserToken(_context.Vtex.StoreUserAuthToken);
validatedAdminUser = await ValidateUserToken(_context.Vtex.AdminUserAuthToken);
validatedKeyApp = await ValidateUserToken(VtexIdclientAutCookieKey);
}
catch (Exception ex)
{
Expand All @@ -326,10 +330,12 @@ public async Task<HttpStatusCode> IsValidAuthUser()
return HttpStatusCode.BadRequest;
}


bool hasPermission = validatedUser != null && validatedUser.AuthStatus.Equals("Success");
bool hasAdminPermission = validatedAdminUser != null && validatedAdminUser.AuthStatus.Equals("Success");
bool hasPermissionToken = validatedKeyApp != null && validatedKeyApp.AuthStatus.Equals("Success");

if (!hasPermission && !hasAdminPermission)
if (!hasPermission && !hasAdminPermission && !hasPermissionToken)
{
_context.Vtex.Logger.Warn("IsValidAuthUser", null, "User Does Not Have Permission");

Expand Down

0 comments on commit 4cd53db

Please sign in to comment.