using System.Threading.Tasks; using AcaMate.Common.Data; using Microsoft.AspNetCore.Http; using Microsoft.EntityFrameworkCore; namespace AcaMate.Common.Token; public interface IHeaderConfig { Task GetExpectedHeaderValueAsync(string headerName); } public class HeaderConfigRepository : IHeaderConfig { private readonly AppDbContext _dbContext; public HeaderConfigRepository(AppDbContext dbContext) { _dbContext = dbContext; } public async Task GetExpectedHeaderValueAsync(string headerName) { // 예를 들어, HeaderConfig 테이블에 헤더 이름과 기대 값이 저장되어 있다고 가정합니다. var config = await _dbContext.APIHeader. FirstOrDefaultAsync(h => h.h_key == headerName); return config?.h_value ?? string.Empty; } } public class APIHeaderMiddle { private readonly RequestDelegate _next; private readonly string _headerName; private readonly IHeaderConfig _headerConfig; public APIHeaderMiddle(RequestDelegate next, string headerName, IHeaderConfig headerConfig) { _next = next; _headerName = headerName; _headerConfig = headerConfig; } public async Task Invoke(HttpContext context) { var expectedValue = await _headerConfig.GetExpectedHeaderValueAsync(_headerName); if (!context.Request.Headers.TryGetValue(_headerName,out var headerValue) || string.IsNullOrWhiteSpace(headerValue)) // if (!context.Request.Headers.ContainsKey(_headerName) || string.IsNullOrWhiteSpace(context.Request.Headers[_headerName])) { context.Response.StatusCode = StatusCodes.Status400BadRequest; await context.Response.WriteAsync($"Missing or empty header: {_headerName}"); return; } if (headerValue != expectedValue) { context.Response.StatusCode = StatusCodes.Status401Unauthorized; await context.Response.WriteAsync($"Invalid header value"); return; } await _next(context); } }