This commit is contained in:
@@ -62,7 +62,6 @@ namespace AyaNova
|
||||
{
|
||||
_newLog.LogDebug("Initializing services...");
|
||||
|
||||
|
||||
_newLog.LogDebug("Profiler");
|
||||
//https://dotnetthoughts.net/using-miniprofiler-in-aspnetcore-webapi/
|
||||
services.AddMemoryCache();
|
||||
@@ -70,61 +69,22 @@ namespace AyaNova
|
||||
{
|
||||
options.RouteBasePath = "/profiler";
|
||||
//options.ShouldProfile = request => MyShouldThisBeProfiledFunction(request);
|
||||
options.ShouldProfile = request =>
|
||||
{
|
||||
// options.ShouldProfile = request =>
|
||||
// {
|
||||
|
||||
return true;
|
||||
};
|
||||
//options.IgnoredPaths
|
||||
// return true;
|
||||
// };
|
||||
// options.IgnoredPaths.Add("/auth");
|
||||
options.IgnorePath("/auth").IgnorePath("/user").IgnorePath("/docs");
|
||||
options.ResultsAuthorize = request =>
|
||||
{
|
||||
// if(request.HttpContext.Items)
|
||||
//{[AY_ROLES, 0]}
|
||||
if (request.HttpContext.Items["AY_PROFILER_ALLOWED"] != null)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
// //Idea: use a query parameter on page link to stats
|
||||
// //that param is download token, if it's present it tries to validate it and then allow if ok
|
||||
// //weirdly this gets called on any request not just for the results, so need to check the path first then do the rest I guess or just default to false
|
||||
// //System.Diagnostics.Debug.WriteLine(request.Path.Value);
|
||||
// // /profiler/results-index
|
||||
// // /profiler/results-list
|
||||
// // /profiler/results-list
|
||||
// // /profiler/results-list
|
||||
// // /profiler/results
|
||||
// if (request.Path.Value.StartsWith("/profiler/results"))
|
||||
// {
|
||||
// //someone is requesting the profiler
|
||||
// //check for a dl token "t" and rehydrate user if found
|
||||
// //if(request.Query.Count==0) return false;
|
||||
// if (!request.Query.ContainsKey("t")) return false;
|
||||
// var token = request.Query["t"];
|
||||
// using (AyContext ct = ServiceProviderProvider.DBContext)
|
||||
// {
|
||||
// var DownloadUser = ct.User.AsNoTracking().SingleOrDefault(z => z.DlKey == token && z.Active == true);
|
||||
// if (DownloadUser == null) return false;
|
||||
|
||||
|
||||
// //this is necessary because they might have an expired JWT but this would just keep on working without a date check
|
||||
// //the default is the same timespan as the jwt so it's all good
|
||||
// var utcNow = new DateTimeOffset(DateTime.Now.ToUniversalTime(), TimeSpan.Zero);
|
||||
// if (DownloadUser.DlKeyExpire < utcNow.DateTime) return false;
|
||||
|
||||
// //Ok, it's allowed, let's go
|
||||
// return true;
|
||||
|
||||
|
||||
// }
|
||||
|
||||
// }
|
||||
|
||||
return false;
|
||||
};
|
||||
// options.ShouldProfile`
|
||||
options.EnableServerTimingHeader = false;
|
||||
options.TrackConnectionOpenClose = false;
|
||||
// options.EnableServerTimingHeader = false;
|
||||
// options.TrackConnectionOpenClose = false;
|
||||
// options.ShouldProfile=false;
|
||||
|
||||
}).AddEntityFramework();
|
||||
@@ -473,7 +433,7 @@ namespace AyaNova
|
||||
//the default is the same timespan as the jwt so it's all good
|
||||
var utcNow = new DateTimeOffset(DateTime.Now.ToUniversalTime(), TimeSpan.Zero);
|
||||
if (u.DlKeyExpire > utcNow.DateTime)
|
||||
{
|
||||
{
|
||||
if (AyaNova.Api.ControllerHelpers.Authorized.HasReadFullRole(u.Roles, AyaType.Metrics))
|
||||
context.Request.HttpContext.Items["AY_PROFILER_ALLOWED"] = true;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user