public void OnActionExecuting(ActionExecutingContext context)
{
var definedBasicAuth = _applicationSettings.GetBasicAuth();
if (context.HttpContext.Request.Headers.TryGetValue("Authorization", out StringValues iAuthHeader))
{
string authHeader = iAuthHeader[0].ToString();
if (authHeader != null && authHeader.StartsWith("basic", StringComparison.OrdinalIgnoreCase))
{
var token = authHeader.Substring("Basic ".Length).Trim();
string credentialstring = Encoding.UTF8.GetString(Convert.FromBase64String(token));
if (credentialstring.Equals(definedBasicAuth.UserName + ":" + definedBasicAuth.Password))
{
return;
}
}
}
var result = new Response
{
status = "error",
message = "you are not authorized to perform this action"
};
context.Result = new ObjectResult(result);
}
