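/// <summary>
/// Rejects the request before the action runs unless it carries a valid app key header.
/// </summary>
/// <remarks>
/// A request without the header gets 401 Unauthorized. A request whose first header value
/// fails <c>SecurityStub.IsAppKeyValid</c> gets 403 Forbidden. The submitted key is
/// client-controlled and may be a near miss of a real key, so it is neither echoed in the
/// response body nor written to the log.
/// </remarks>
/// <param name="actionContext">
/// Context of the action about to execute. Its <c>Response</c> is set when the request is rejected.
/// </param>
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            HttpRequestMessage oRequest = actionContext.Request;

            // Shared prefix for every log line of this validation pass.
            // NOTE(review): the request URI is logged in full, query string included. Confirm
            // that no credentials travel in query parameters.
            string sPattern = string.Format(
                "Validating app key header for '{0} {1}' from '{2}'",
                oRequest.Method,
                oRequest.RequestUri,
                oRequest.GetRemoteIp()
                );

            ms_oLog.Debug("{0} started.", sPattern);

            if (!oRequest.Headers.Contains(Const.Headers.AppKey))
            {
                actionContext.Response = HandleActionExecutedAttribute.CreateResponse(
                    GetApiVersion(actionContext),
                    oRequest,
                    HttpStatusCode.Unauthorized,
                    "No app key specified."
                    );

                ms_oLog.Debug("{0} failed: no app key header found.", sPattern);

                return;
            }             // if

            // Only the first value is checked when the header is repeated.
            string sAppKey = oRequest.Headers.GetValues(Const.Headers.AppKey).First();

            var oSec = new SecurityStub();

            if (!oSec.IsAppKeyValid(sAppKey))
            {
                // Do not reflect the submitted value: it is untrusted input and would otherwise
                // end up in the response body of an error page.
                actionContext.Response = HandleActionExecutedAttribute.CreateResponse(
                    GetApiVersion(actionContext),
                    oRequest,
                    HttpStatusCode.Forbidden,
                    "Invalid app key specified."
                    );

                // Log the length only. A mistyped key is close to a valid credential, and raw
                // header text could carry line breaks into the log.
                ms_oLog.Debug(
                    "{0} failed: invalid app key header found (length {1}).",
                    sPattern,
                    sAppKey == null ? 0 : sAppKey.Length
                    );
                return;
            }             // if

            ms_oLog.Debug("{0} succeeded.", sPattern);
        }         // OnActionExecuting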
Beispiel #2
        /// <summary>
        /// Logs a user in and returns the token produced by <c>SecurityStub.Login</c>.
        /// </summary>
        /// <param name="oModel">Login data bound from the request body.</param>
        /// <returns>The token returned by the login call.</returns>
        /// <remarks>
        /// A null, empty or whitespace token is reported as 401 Unauthorized with a single
        /// message covering both user name and password, so the response does not reveal
        /// which of the two was wrong.
        /// </remarks>
        public string Post([FromBody] LoginModel oModel)
        {
            try
            {
                // The caller's remote address is passed to the login call together with the model.
                string sIssued = new SecurityStub().Login(oModel, Request.GetRemoteIp());

                if (!string.IsNullOrWhiteSpace(sIssued))
                {
                    return sIssued;
                }

                throw Return.Status(ApiVersion, HttpStatusCode.Unauthorized, "Invalid user name or password.");
            }
            catch (HttpResponseException)
            {
                // Already shaped as an HTTP response (the 401 above included); pass it through.
                throw;
            }
            catch (Exception oFailure)
            {
                // NOTE(review): the exception message is placed in the text handed to Return.Error.
                // If that text reaches the client, internal details of the login backend are
                // disclosed on an unauthenticated endpoint. Consider logging the message
                // server-side and returning a generic failure text instead.
                throw Return.Error(ApiVersion, "Failed to validate user credentials: {0}.", oFailure.Message);
            } // try
        }     // Post
Beispiel #3
 /// <summary>
 /// Creates the attribute with its own <c>SecurityStub</c> instance stored in <c>m_oSecurity</c>.
 /// </summary>
 public ValidateSessionTokenAttribute()
 {
     // NOTE(review): the stub is built once per attribute instance. Confirm SecurityStub is
     // safe to reuse if the framework shares this instance between requests.
     this.m_oSecurity = new SecurityStub();
 }         // constructor