FluentCMS icon indicating copy to clipboard operation
FluentCMS copied to clipboard
verified publisher icon fluentcms

Code review for AuthContext

Open pournasserian opened this issue 1 year ago • 3 comments

In the below code is the if condition correct? Isn't the User always not null?

    public AuthContext(IHttpContextAccessor httpContextAccessor)
    {
        _httpContextAccessor = httpContextAccessor;
        _serviceProvider = _httpContextAccessor.HttpContext?.RequestServices;

        var user = httpContextAccessor.HttpContext?.User;

        if (user != null)
        {
            var idClaimValue = user.FindFirstValue(ClaimTypes.Sid);

            _userId = idClaimValue == null ? Guid.Empty : Guid.Parse(idClaimValue);
            _username = user.FindFirstValue(ClaimTypes.NameIdentifier) ?? string.Empty;
            _isAuthenticated = user?.Identity?.IsAuthenticated ?? false;
            _isApi = user?.FindFirstValue(ClaimTypes.Actor) == "m2m";
        }
    }

pournasserian avatar May 05 '24 15:05 pournasserian

No it's not null. It's populated by our pipeline from jwt token. It's not related to our users in db!

ParsaGachkar avatar May 05 '24 16:05 ParsaGachkar

The question is whether there is any condition that user is null. I think even for an anonymous user, the user object is not null.

pournasserian avatar May 05 '24 19:05 pournasserian

It would be null if Authcontext is used inside an unauthorized action. You are correct. It seems like it is redundant!

ParsaGachkar avatar May 06 '24 02:05 ParsaGachkar