Beispiel #1
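        /// <summary>
        /// Authenticates a request that carries HTTP Basic credentials and, on success,
        /// attaches a freshly generated JWT to the returned <see cref="TeamsOfUser"/>.
        /// </summary>
        /// <param name="request">Incoming request whose Authorization header is inspected.</param>
        /// <param name="teamsOfUser">
        /// Receives the result of <c>Authentication.Login</c> with its <c>Token</c> set.
        /// Only assigned when the method returns normally.
        /// </param>
        /// <exception cref="CustomHttpException">
        /// 400 (BadRequest) when the header is missing, is not the Basic scheme, is empty or
        /// cannot be decoded into a <c>user:password</c> pair; 401 (Unauthorized) when the
        /// login is rejected.
        /// </exception>
        /// <remarks>
        /// Basic credentials are only base64-encoded, not encrypted. Nothing in this method
        /// checks the transport, so confidentiality depends on the caller serving this
        /// endpoint over TLS only.
        /// </remarks>
        public static void Authenticate(HttpRequestMessage request, out TeamsOfUser teamsOfUser)
        {
            var authorization = request.Headers.Authorization;

            if (authorization == null)
            {
                throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Authorization header missing");
            }

            // Authentication scheme names are case-insensitive (RFC 7235), so "basic" is valid too.
            if (!string.Equals(authorization.Scheme, "Basic", StringComparison.OrdinalIgnoreCase))
            {
                throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Basic authorization header missing");
            }

            // Parameter is null when the header carries only the scheme ("Authorization: Basic"),
            // so the check has to be null-safe rather than calling Trim() on it.
            if (string.IsNullOrWhiteSpace(authorization.Parameter))
            {
                throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Missing credentials");
            }

            string credentials;

            try
            {
                credentials = Encoding.UTF8.GetString(Convert.FromBase64String(authorization.Parameter));
            }
            catch (FormatException)
            {
                // Client-supplied garbage is a bad request, not an unhandled server error.
                throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Malformed credentials");
            }

            // Split on the FIRST colon only (RFC 7617): the user-id cannot contain ':',
            // but the password may, and must not be truncated at its first colon.
            int separatorIndex = credentials.IndexOf(':');

            if (separatorIndex < 0)
            {
                throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Malformed credentials");
            }

            var username = credentials.Substring(0, separatorIndex);
            var password = credentials.Substring(separatorIndex + 1);

            teamsOfUser = Authentication.Login(username, password);

            if (teamsOfUser == null)
            {
                // Same message for an unknown user and a wrong password, so the response
                // body does not reveal which usernames exist.
                throw new CustomHttpException(System.Net.HttpStatusCode.Unauthorized, "Wrong username or password");
            }

            teamsOfUser.Token = JwtManager.GenerateToken(username);
        }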
Beispiel #2
        /// <summary>
        /// Looks up the user named <paramref name="username"/> together with the teams joined
        /// to it and returns them when the supplied password hashes to the stored value.
        /// </summary>
        /// <param name="username">User name matched against <c>User.UserName</c>.</param>
        /// <param name="password">Clear-text password, hashed with the user's stored salt.</param>
        /// <returns>
        /// A <see cref="TeamsOfUser"/> holding the user and its non-null teams, or <c>null</c>
        /// when no row matches the user name or the hash comparison fails.
        /// </returns>
        public static TeamsOfUser Login(string username, string password)
        {
            using (var ctx = new EFContext())
            {
                // Group join + DefaultIfEmpty() forms a left outer join from users to their
                // team links; rows are then filtered down to the requested user name.
                var rows = (from u in ctx.Users
                            join ut in ctx.UserTeams.Include(x => x.User).Include(x => x.Team) on u.UserId equals ut.UserId into gj
                            from x in gj.DefaultIfEmpty()
                            select new
                            {
                                x.Team,
                                User = u
                            }).Where(x => x.User.UserName == username).ToList();

                // NOTE(review): an unknown user returns here without any hashing work, while a
                // known user goes on to GenerateHash below. If that hash is deliberately slow,
                // response time may differ between the two cases - confirm whether that matters.
                if (rows.Count <= 0)
                {
                    return null;
                }

                var result = new TeamsOfUser()
                {
                    Teams = new List<Team>(),
                    User  = new User()
                };

                // Every row carries the user that matched the filter; the first one is used.
                result.User = rows[0].User;

                foreach (var row in rows)
                {
                    // The join can yield a row without a team; such rows add nothing.
                    if (row.Team != null)
                    {
                        result.Teams.Add(row.Team);
                    }
                }

                // NOTE(review): the types of PasswordHash and of GenerateHash's result are not
                // visible here. If they are strings, == is not a fixed-time comparison; a
                // constant-time compare over the hash bytes would be the safer choice.
                var storedHash   = result.User.PasswordHash;
                var computedHash = HashingPasswords.GenerateHash(password, result.User.PasswordSalt);

                return storedHash == computedHash ? result : null;
            }
        }