mz/DiunaBI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

DataInbox - some security fixes

Browse Source
This commit is contained in:
Michał Zieliski
2024-07-15 19:46:02 +02:00
parent 26850c73ef
commit 6295e5263c
4 changed files with 70 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
WebAPI/Program.cs
View File

@@ -60,7 +60,9 @@ var app = builder.Build();
app.Use(async (context, next) =>
{
var token = context.Request.Headers.Authorization.ToString();
if (token.Length > 0 && !context.Request.Path.ToString().Contains("getForPowerBI")) {
if (token.Length > 0
&& !context.Request.Path.ToString().Contains("getForPowerBI")
&& !context.Request.Path.ToString().Contains("DataInbox/Add")) {
var handler = new JwtSecurityTokenHandler();
var data = handler.ReadJwtToken(token.Split(' ')[1]);
context.Request.Headers.Append("UserId", new Microsoft.Extensions.Primitives.StringValues(data.Subject));