RunnersMeet/src/RunnersMeet.Server/ApiUser.cs

using System.Security.Claims;

namespace RunnersMeet.Server;

public class ApiUser
{
	private const string UnknownUserId = "<unknown>";
	private static readonly AsyncLocal<ApiUser> AsyncLocal = new AsyncLocal<ApiUser>();

	public static ApiUser Current =>
		AsyncLocal.Value ?? throw new InvalidOperationException("No user present in request context");

	public static void Create(ClaimsPrincipal principal)
	{
		if (AsyncLocal.Value != null)
		{
			throw new InvalidOperationException("User can only be set once per request");
		}

		AsyncLocal.Value = new ApiUser(principal);
	}

	public string UserId { get; }
	public IList<string> Claims { get; }
	public bool IsValidUser => UserId != UnknownUserId;

	private ApiUser(ClaimsPrincipal principal)
	{
		UserId = principal.FindFirst(ClaimTypes.NameIdentifier)?.Value ?? UnknownUserId;
		Claims = principal.FindAll("permissions").Select(claim => claim.Value).ToList();
	}
}