Implement proposal Improve authorization performance jasontaylordev#1046

Moved Roles authorization from Identity Service DB verification to verify Roles user Claim.
Lanz86 · Apr 20, 2024 · d17c806 · d17c806
1 parent 357a072
commit d17c806
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 1 deletion.
diff --git a/src/Application/Common/Behaviours/AuthorizationBehaviour.cs b/src/Application/Common/Behaviours/AuthorizationBehaviour.cs
@@ -41,7 +41,7 @@ public async Task<TResponse> Handle(TRequest request, RequestHandlerDelegate<TRe
                 {
                     foreach (var role in roles)
                     {
-                        var isInRole = await _identityService.IsInRoleAsync(_user.Id, role.Trim());
+                        var isInRole = _user.Roles?.Any(x => role == x)??false;
                         if (isInRole)
                         {
                             authorized = true;

diff --git a/src/Application/Common/Interfaces/IUser.cs b/src/Application/Common/Interfaces/IUser.cs
@@ -3,4 +3,6 @@
 public interface IUser
 {
     string? Id { get; }
+    List<string>? Roles { get; }
+
 }
diff --git a/src/Web/Services/CurrentUser.cs b/src/Web/Services/CurrentUser.cs
@@ -14,4 +14,6 @@ public CurrentUser(IHttpContextAccessor httpContextAccessor)
     }
 
     public string? Id => _httpContextAccessor.HttpContext?.User?.FindFirstValue(ClaimTypes.NameIdentifier);
+    public List<string>? Roles => _httpContextAccessor.HttpContext?.User?.FindAll(ClaimTypes.Role).Select(x => x.Value).ToList();
+
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -14,4 +14,6 @@ public CurrentUser(IHttpContextAccessor httpContextAccessor) @@
         }
         public string? Id => _httpContextAccessor.HttpContext?.User?.FindFirstValue(ClaimTypes.NameIdentifier);
+        public List<string>? Roles => _httpContextAccessor.HttpContext?.User?.FindAll(ClaimTypes.Role).Select(x => x.Value).ToList();
     }