fullstackhero · nbiada · Aug 11, 2021 · unchase · Aug 11, 2021 · nbiada
diff --git a/src/Client/Shared/NavMenu.razor b/src/Client/Shared/NavMenu.razor
@@ -1,12 +1,13 @@
 @inject Microsoft.Extensions.Localization.IStringLocalizer<NavMenu> _localizer
 @using System.Security.Claims
+@using BlazorHero.CleanArchitecture.Shared.Constants.Storage
 
 <UserCard />
 <MudNavMenu>
     <MudNavLink Href="/" Match="NavLinkMatch.All" Icon="@Icons.Material.Outlined.Home">@_localizer["Home"]</MudNavLink>
     @if (_canViewHangfire)
     {
-        <MudNavLink Href="/jobs" Target="_blank" Icon="@Icons.Material.Outlined.Work">
+        <MudNavLink Href="@_jobsLink" Target="_blank" Icon="@Icons.Material.Outlined.Work">
             @_localizer["Hangfire"]
         </MudNavLink>
     }
@@ -102,6 +103,10 @@
     private bool _canViewProducts;
     private bool _canViewBrands;
 
+    // example of authorization using token from navlink
+    private string _accessToken;
+    private string _jobsLink;
+
     protected override async Task OnParametersSetAsync()
     {
         _authenticationStateProviderUser = await _stateProvider.GetAuthenticationStateProviderUserAsync();
@@ -115,5 +120,8 @@
         _canViewChat = (await _authorizationService.AuthorizeAsync(_authenticationStateProviderUser, Permissions.Communication.Chat)).Succeeded;
         _canViewProducts = (await _authorizationService.AuthorizeAsync(_authenticationStateProviderUser, Permissions.Products.View)).Succeeded;
         _canViewBrands = (await _authorizationService.AuthorizeAsync(_authenticationStateProviderUser, Permissions.Brands.View)).Succeeded;
+
+        _accessToken = await _localStorage.GetItemAsync<string>(StorageConstants.Local.AuthToken);
+        _jobsLink = $"/jobs?token={_accessToken}";
     }
 }
diff --git a/src/Server/Filters/HangfireAuthorizationFilter.cs b/src/Server/Filters/HangfireAuthorizationFilter.cs
@@ -1,4 +1,9 @@
-using Hangfire.Dashboard;
+using System;
+using System.IdentityModel.Tokens.Jwt;
+using System.Linq;
+using BlazorHero.CleanArchitecture.Shared.Constants.Permission;
+using Hangfire.Dashboard;
+using Microsoft.AspNetCore.Http;
 
 namespace BlazorHero.CleanArchitecture.Server.Filters
 {
@@ -14,7 +19,48 @@ public bool Authorize(DashboardContext context)
             //return httpContext.User.Identity.IsAuthenticated;
             //return httpContext.User.IsInRole(Permissions.Hangfire.View);
 
-            return true;
+            // example of authorization using token from navlink
+            var httpContext = context.GetHttpContext();
+
+            string jwtToken;
+            bool readFromCookie = false;
+
+            bool readFromQuery = httpContext.Request.Query.TryGetValue("token", out var jwtTokenFromQuery);
+
+            if (readFromQuery)
+            {
+                jwtToken = jwtTokenFromQuery.ToString();
+            }
+            else
+            {
+                readFromCookie = httpContext.Request.Cookies.TryGetValue("token", out jwtToken);
+            }
+
+            if (!readFromCookie && !readFromQuery) return false;
+
+            var handler = new JwtSecurityTokenHandler();
+            var token = handler.ReadJwtToken(jwtToken);
+            if (token is null) return false;
+
+            var expirationTime = token.ValidTo;
+
+            if (DateTime.Now > expirationTime) return false;
+
+            if (readFromQuery)
+            {
+                CookieOptions options = new CookieOptions
+                {
+                    Expires = expirationTime
+                };
+                httpContext.Response.Cookies.Append("token", jwtToken, options);
+            }
+
+            var hangfireViewPermission =
+                token.Claims.Any(w => w.Value.Equals(Permissions.Hangfire.View));
+
+            return hangfireViewPermission;
+
+            // return true;
         }
     }
 }