Beispiel #1
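        /// <summary>
        /// Message handler step that, when a stored id/key pair matches a user's API key,
        /// assigns a claims principal to the current thread, then forwards the request and
        /// refreshes the stored pair from the authentication headers on the response.
        /// </summary>
        /// <param name="request">The HTTP request being processed.</param>
        /// <param name="cancellationToken">Token passed through to the inner handler.</param>
        /// <returns>The response produced by the inner handler.</returns>
        protected async override System.Threading.Tasks.Task <HttpResponseMessage> SendAsync(
            HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
        {
            // NOTE(review): `id` and `key` are declared outside this block and are filled from
            // the *response* headers of an earlier call (see below), not from `request`.
            // If they are instance fields on a handler shared between requests, one caller's
            // credentials would establish the principal for the next caller - confirm the
            // intended lifetime, and prefer reading credentials from the incoming request.

            // An empty key is rejected up front so that a user row whose ApiKey is null or
            // empty can never be matched by a missing credential.
            if (id != null && !string.IsNullOrEmpty(key))
            {
                using (WebAPIPhase_2Context db = new WebAPIPhase_2Context())
                {
                    var user = db.Users.Find(id);

                    // Find returns null for an unknown id; without this guard the key
                    // comparison would throw instead of simply not authenticating.
                    // NOTE(review): ordinary string equality is not constant-time, and the
                    // comparison implies ApiKey is stored in directly comparable form -
                    // consider a fixed-time comparison over a stored hash of the key.
                    if (user != null && user.ApiKey == key)
                    {
                        IList <Claim> claim = new List <Claim>
                        {
                            new Claim(ClaimTypes.Name, user.Email),
                        };
                        var identity  = new ClaimsIdentity(claim, "APIKey");
                        var principal = new ClaimsPrincipal(identity);

                        Thread.CurrentPrincipal = principal;
                    }
                }
            }

            var response = await base.SendAsync(request, cancellationToken);

            var headers = response.Headers;

            // Both headers must be present. The original condition tested the id header
            // twice, so a response carrying only the id header threw when the key was read.
            IEnumerable <string> idValues;
            IEnumerable <string> keyValues;
            if (headers.TryGetValues("xcmps383authenticationid", out idValues) &&
                headers.TryGetValues("xcmps383authenticationkey", out keyValues))
            {
                // A header value is untrusted text: a non-numeric id is ignored rather than
                // allowed to escape as a FormatException.
                int parsedId;
                var headerKey = keyValues.FirstOrDefault();
                if (int.TryParse(idValues.FirstOrDefault(), out parsedId) && !string.IsNullOrEmpty(headerKey))
                {
                    id  = parsedId;
                    key = headerKey;
                }
            }

            return response;
        }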
Beispiel #2
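        /// <summary>
        /// Checks the API-key authentication headers on a request against the user table.
        /// </summary>
        /// <param name="request">Incoming request carrying the
        /// <c>xcmps383authenticationid</c> and <c>xcmps383authenticationkey</c> headers.</param>
        /// <returns>
        /// <c>true</c> only when both headers are present, the id is a valid integer, the key
        /// is non-empty, and a user with that id has a matching API key; otherwise <c>false</c>.
        /// </returns>
        private bool ValidateByApiKey(HttpRequestMessage request)
        {
            var headers = request.Headers;

            // TryGetValues matches header names case-insensitively, like Contains. The
            // original followed Contains with a case-sensitive `m.Key == "..."` filter, so a
            // differently-cased header name passed the check and then threw on First().
            System.Collections.Generic.IEnumerable<string> keyValues;
            System.Collections.Generic.IEnumerable<string> idValues;
            if (!headers.TryGetValues("xcmps383authenticationkey", out keyValues) ||
                !headers.TryGetValues("xcmps383authenticationid", out idValues))
            {
                return false;
            }

            // Header values are untrusted: a malformed id or an empty key is a failed
            // authentication, not an unhandled exception or a match on an empty ApiKey.
            var apiKey = keyValues.FirstOrDefault();
            int userID;
            if (string.IsNullOrEmpty(apiKey) || !int.TryParse(idValues.FirstOrDefault(), out userID))
            {
                return false;
            }

            // The context is opened only once the headers are well-formed and is disposed
            // on every path; the original never disposed it.
            using (WebAPIPhase_2Context db = new WebAPIPhase_2Context())
            {
                var user = db.Users.FirstOrDefault(m => m.UserId == userID);

                // NOTE(review): ordinary string equality is not constant-time, and the
                // comparison implies ApiKey is stored in directly comparable form -
                // consider a fixed-time comparison over a stored hash of the key.
                return user != null && user.ApiKey == apiKey;
            }
        }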