public override void OnAuthorization(HttpActionContext actionContext)
{
var authorizeHeader = actionContext.Request.Headers.Authorization;
// && authorizeHeader.Scheme.Equals("bearer ", StringComparison.OrdinalIgnoreCase)
if (authorizeHeader != null && String.IsNullOrEmpty(authorizeHeader.Parameter) == false)
{
FriendFitDBContext objFriendFitEntities = new FriendFitDBContext();
var existingToken = objFriendFitEntities.UserTokens.Where(x => x.TokenCode == authorizeHeader.Parameter).FirstOrDefault();
if (existingToken != null)
{
var principal = new GenericPrincipal((new GenericIdentity(existingToken.UserId.ToString())),
(new[] { existingToken.RoleId.ToString() }));
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = principal;
}
return;
}
}
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
actionContext.Response.Content = new StringContent("Username and password are missings or invalid");
}
public EmailTrackerWrapper()
{
_objFriendFitDBEntity = new FriendFitDBContext();
}