public void GenerateEnvironment() { var authRules = XDocument.Load(@"D:\Signum\Southwind\Southwind.Load\AuthRules.xml"); //Change this route if necessary. Only god knows where MSTest is running. SouthwindEnvironment.Start(); Administrator.TotalGeneration(); Schema.Current.Initialize(); OperationLogic.AllowSaveGlobally = true; using (AuthLogic.Disable()) { SouthwindEnvironment.LoadBasics(); AuthLogic.LoadRoles(authRules); SouthwindEnvironment.LoadEmployees(); SouthwindEnvironment.LoadUsers(); SouthwindEnvironment.LoadProducts(); SouthwindEnvironment.LoadCustomers(); SouthwindEnvironment.LoadShippers(); AuthLogic.ImportRulesScript(authRules, interactive: false).PlainSqlCommand().ExecuteLeaves(); } OperationLogic.AllowSaveGlobally = false; }
public static bool LoginFromCookie(ActionContext ac) { using (AuthLogic.Disable()) { try { if (!ac.HttpContext.Request.Cookies.TryGetValue(CookieName, out string ticketText) || !ticketText.HasText()) { return(false); //there is no cookie } var httpConnection = ac.HttpContext.Features.Get <IHttpConnectionFeature>(); UserEntity user = UserTicketLogic.UpdateTicket(httpConnection.RemoteIpAddress.ToString(), ref ticketText); AuthServer.OnUserPreLogin(ac, user); ac.HttpContext.Response.Cookies.Append(CookieName, ticketText, new CookieOptions { Domain = ac.HttpContext.Request.Host.Host.ToString(), Path = new UrlHelper(ac).Content("~/"), Expires = DateTime.UtcNow.Add(UserTicketLogic.ExpirationInterval), }); AuthServer.AddUserSession(ac, user); return(true); } catch { //Remove cookie RemoveCookie(ac); return(false); } } }
public static void RegisterRoleTypeCondition(SchemaBuilder sb, TypeConditionSymbol typeCondition) { sb.Schema.Settings.AssertImplementedBy((UserChartEntity uq) => uq.Owner, typeof(RoleEntity)); TypeConditionLogic.RegisterCompile <UserChartEntity>(typeCondition, uq => AuthLogic.CurrentRoles().Contains(uq.Owner) || uq.Owner == null); }
public UserEntity ChangePassword(ChangePasswordRequest request) { if (string.IsNullOrEmpty(request.oldPassword)) { throw ModelException("oldPassword", AuthMessage.PasswordMustHaveAValue.NiceToString()); } if (string.IsNullOrEmpty(request.newPassword)) { throw ModelException("newPassword", AuthMessage.PasswordMustHaveAValue.NiceToString()); } var user = UserEntity.Current; if (!user.PasswordHash.SequenceEqual(Security.EncodePassword(request.oldPassword))) { throw ModelException("oldPassword", AuthMessage.InvalidPassword.NiceToString()); } user.PasswordHash = Security.EncodePassword(request.newPassword); using (AuthLogic.Disable()) user.Execute(UserOperation.Save); return(user); }
private void AddFriendListEntryHandler(List <object> objects) { bool success = AuthLogic.AddFriend((FriendList.Type)(uint) objects[2], (string)objects[3], (string)objects[4]); Network.AuthServer.TransactionCounter = (uint)objects[1]; Network.AuthServer.SendTransactionSuccessCode(success ? TransactionSuccessCode.Success : TransactionSuccessCode.Aborted); }
// GET: Course/Details/5 public ActionResult Details(string token, string id) { string username = AuthLogic.CheckToken(token); if (username == "") { throw new Exception("NotAuthorized"); } ViewData["token"] = token; var course = Course.GetCourse(id); // cast to Subscribed CourseView courseView = CourseView.CastFromCourseModel(course.ModelCourse); if (courseView.Author == username) { ViewData["isAuthor"] = true; } else { ViewData["isAuthor"] = false; } ViewData["courseId"] = id; // return the subscribed one! return(View(courseView)); }
internal void SetRules(BaseRulePack <TypeAllowedRule> rules) { using (AuthLogic.Disable()) { var current = Database.Query <RuleTypeEntity>().Where(r => r.Role == rules.Role && r.Resource != null).ToDictionary(a => a.Resource); var should = rules.Rules.Where(a => a.Overriden).ToDictionary(r => r.Resource); Synchronizer.Synchronize(should, current, (type, ar) => ar.Allowed.ToRuleType(rules.Role, type).Save(), (type, pr) => pr.Delete(), (type, ar, pr) => { pr.Allowed = ar.Allowed.Fallback !.Value; var shouldConditions = ar.Allowed.Conditions.Select(a => new RuleTypeConditionEmbedded { Allowed = a.Allowed, Condition = a.TypeCondition, }).ToMList(); if (!pr.Conditions.SequenceEqual(shouldConditions)) { pr.Conditions = shouldConditions; } if (pr.IsGraphModified) { pr.Save(); } });
/// <summary> /// Redirect user to Respective module based on login infomation /// </summary> /// <param name="form"></param> /// <returns></returns> public async Task <ActionResult> Login(FormCollection form) { try { AuthLogic logic = new AuthLogic(); var userSession = await logic.WebLogin(form["email"], form["password"]); if (userSession != null) { HttpCookie authCookie = new HttpCookie(Literals.CookieToken); authCookie[Literals.APIToken] = userSession.AuthToken; authCookie.Expires = DateTime.Now.AddDays(100); authCookie.Secure = false; Response.Cookies.Add(authCookie); if (userSession.Attende.AdminInfo?.UserRole == (int)enUserRole.Moderator && userSession.IsActive == true) { return(RedirectToAction("Index", "Moderator")); } if (userSession.Attende.AdminInfo?.UserRole == (int)enUserRole.EventManager && userSession.IsActive == true) { return(RedirectToAction("Index", "EventManager")); } return(RedirectToAction("Index", "Home")); } } catch (Exception ex) { Helpers.LogError("Login failed", ex); ViewData[Literals.ErrorKey] = ex.Message; return(RedirectToAction("index")); } return(RedirectToAction("index")); }
public ActionResult <LoginResponse> ChangePassword([Required, FromBody] ChangePasswordRequest request) { if (string.IsNullOrEmpty(request.oldPassword)) { return(ModelError("oldPassword", AuthMessage.PasswordMustHaveAValue.NiceToString())); } if (string.IsNullOrEmpty(request.newPassword)) { return(ModelError("newPassword", AuthMessage.PasswordMustHaveAValue.NiceToString())); } var user = UserEntity.Current; if (!user.PasswordHash.SequenceEqual(Security.EncodePassword(request.oldPassword))) { return(ModelError("oldPassword", AuthMessage.InvalidPassword.NiceToString())); } user.PasswordHash = Security.EncodePassword(request.newPassword); using (AuthLogic.Disable()) user.Execute(UserOperation.Save); return(new LoginResponse { userEntity = user, token = AuthTokenServer.CreateToken(UserEntity.Current) }); }
public async Task GenerateJWTTest_ReturnUser() { var options = new DbContextOptionsBuilder <AppDbContext>() .UseInMemoryDatabase(databaseName: "UserDatabase") .Options; using (var context = new AppDbContext(options)) { context.ct_user.Add(new User { Id = 1, Email = "*****@*****.**", Name = "jeremey", Password = password }); context.SaveChanges(); } using (var context = new AppDbContext(options)) { userrepos = new UserRepos(context); AppSettings inputappsetings = new AppSettings(); inputappsetings.Secret = "thisisasecret"; appsettings = Options.Create(inputappsetings); AuthLogic authlogic = new AuthLogic(userrepos, appsettings); LoginViewModel user2 = new LoginViewModel(); user2.Email = "*****@*****.**"; user2.Password = "******"; User user; user = await authlogic.GenerateJWT(user2); Assert.AreEqual(user.Email, user2.Email); } }
static MapColorProvider[] GetMapColors() { if (!BasicPermission.AdminRules.IsAuthorized()) { return(new MapColorProvider[0]); } var roleRules = AuthLogic.RolesInOrder().ToDictionary(r => r, r => TypeAuthLogic.GetTypeRules(r).Rules.ToDictionary(a => a.Resource.CleanName, a => a.Allowed)); return(roleRules.Keys.Select((r, i) => new MapColorProvider { Name = "role-" + r.Key(), NiceName = "Role - " + r.ToString(), AddExtra = t => { TypeAllowedAndConditions tac = roleRules[r].TryGetC(t.typeName); if (tac == null) { return; } t.extra["role-" + r.Key() + "-ui"] = GetName(ToStringList(tac, userInterface: true)); t.extra["role-" + r.Key() + "-db"] = GetName(ToStringList(tac, userInterface: false)); t.extra["role-" + r.Key() + "-tooltip"] = ToString(tac.Fallback) + "\n" + (tac.Conditions.IsNullOrEmpty() ? null : tac.Conditions.ToString(a => a.TypeCondition.NiceToString() + ": " + ToString(a.Allowed), "\n") + "\n"); }, Order = 10, }).ToArray()); }
protected override void OnActionExecuting(ActionExecutingContext filterContext) { string AuthToken = string.Empty; if (filterContext.ActionParameters.ContainsKey(Literals.APIToken) && filterContext.ActionParameters[Literals.APIToken] != null) { AuthToken = filterContext.ActionParameters[Literals.APIToken].ToString(); } if (string.IsNullOrEmpty(AuthToken) && Request.Cookies[Literals.CookieToken] != null) { AuthToken = Request.Cookies[Literals.CookieToken][Literals.APIToken]; } if (!string.IsNullOrEmpty(AuthToken)) { AuthLogic authLogic = new AuthLogic(); _currentSession = authLogic.CheckSession(AuthToken); if (_currentSession != null) { ViewBag.AppUser = _currentSession.Attende; } //set current session variale here } base.OnActionExecuting(filterContext); }
public async Task <CredentialMakeResult> MakeCredential([Required, FromBody] MakeCredentialsRequest request) { using (AuthLogic.Disable()) { var optionsEntity = Database.Retrieve <WebAuthnMakeCredentialsOptionsEntity>(request.CreateOptionsId); var options = CredentialCreateOptions.FromJson(optionsEntity.Json); var result = await fido2.MakeNewCredentialAsync(request.AttestationRawResponse, options, async (args) => { return(!(await Database.Query <WebAuthnCredentialEntity>().AnyAsync(c => c.CredentialId == args.CredentialId))); }); if (result.Status != "ok") { throw new InvalidOperationException(options.ErrorMessage); } new WebAuthnCredentialEntity { CredentialId = result.Result.CredentialId, PublicKey = result.Result.PublicKey, User = Lite.ParsePrimaryKey <UserEntity>(Encoding.UTF8.GetString(result.Result.User.Id)), Counter = (int)result.Result.Counter, CredType = result.Result.CredType, Aaguid = result.Result.Aaguid, }.Save(); return(result); } }
public static MainWindowProxy OpenAndLogin(string userName, string password) { AutomationElement loginElement = FindOpenWindow("Welcome to Southwind"); Process process = null; if (loginElement == null) { process = Process.Start(@"D:\Signum\Southwind\Southwind.Windows\bin\Debug\Southwind.Windows.exe"); process.WaitForInputIdle(); loginElement = AutomationElement.RootElement.WaitChild(a => a.Current.ProcessId == process.Id && a.Current.ClassName == "Login", 5000); } var result = new MainWindowProxy(LoginWindowProxy.LoginAndContinue(loginElement, userName, password)); if (process != null) { result.Disposed += () => process.Kill(); } CultureInfoEntity culture = AuthLogic.RetrieveUser(userName).CultureInfo; Thread.CurrentThread.CurrentCulture = Thread.CurrentThread.CurrentUICulture = culture?.ToCultureInfo() ?? new CultureInfo("en-US"); return(result); }
public FacadeController(AuthLogic authLogic, TurnLogic turnLogic) { _authLogic = authLogic; _turnLogic = turnLogic; drawcardcontroller = new DrawCardController(); strategy = new Strategy(); }
static MapColorProvider[] GetMapColors() { if (!BasicPermission.AdminRules.IsAuthorized()) { return(new MapColorProvider[0]); } var roleRules = AuthLogic.RolesInOrder().ToDictionary(r => r, r => TypeAuthLogic.GetTypeRules(r).Rules.ToDictionary(a => Navigator.ResolveWebTypeName(a.Resource.ToType()), a => a.Allowed)); return(roleRules.Keys.Select((r, i) => new MapColorProvider { Name = "role-" + r.Key(), NiceName = "Role - " + r.ToString(), GetJsProvider = ColorModule["authAdminColor"](MapClient.NodesConstant, "role-" + r.Key()), AddExtra = t => { TypeAllowedAndConditions tac = roleRules[r].TryGetC(t.webTypeName); if (tac == null) { return; } t.extra["role-" + r.Key() + "-ui"] = GetName(ToStringList(tac, userInterface: true)); t.extra["role-" + r.Key() + "-db"] = GetName(ToStringList(tac, userInterface: false)); t.extra["role-" + r.Key() + "-tooltip"] = ToString(tac.Fallback) + "\n" + (tac.Conditions.IsNullOrEmpty() ? null : tac.Conditions.ToString(a => a.TypeCondition.NiceToString() + ": " + ToString(a.Allowed), "\n") + "\n"); }, Defs = i == 0 ? GetAllGradients(roleRules) : null, Order = 10, }).ToArray()); }
public ActionResult Create(IFormCollection collection) { try { var courseName = new StringValues(); var description = new StringValues(); var token = new StringValues(); string id = ""; if (collection.TryGetValue("CourseName", out courseName) && collection.TryGetValue("Description", out description) && collection.TryGetValue("token", out token)) { var username = AuthLogic.CheckToken(token.ToString()); if (username == "") { throw new Exception("NotAuthorized"); } // save course id = Course.CreateCourse(courseName.ToString(), description.ToString(), username); } return(RedirectToAction("Details", new { token = token, id = id })); } catch { return(View()); } }
private void LoginHandler56(List <object> data) { Network.AuthServer.TransactionCounter = (uint)data[1]; if (AuthLogic.Login(System.BitConverter.ToString((byte[])data[2]), System.BitConverter.ToString((byte[])data[3]), (string)data[5])) { Game.State = GameState.CharacterScreen; Game.Player.Account.SendCharacters(); Network.AuthServer.Send(AuthServerMessage.Gui, Network.AuthServer.TransactionCounter, (ushort)0); Game.Player.FriendList.Init(); Network.AuthServer.Send(AuthServerMessage.PlayerStatus, Network.AuthServer.TransactionCounter, (uint)Game.Player.Status); Network.AuthServer.Send(AuthServerMessage.AccountPermissions, Network.AuthServer.TransactionCounter, 2, 4, new byte[] { 0x38, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, new byte[] { 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x0C, 0x00 }, new byte[16], // account id new byte[16], // last played character id 8, // account management system version Game.Player.Account.SerializeUnlocks(), (byte)23, // accepted eula 0); // enable name change (requires name change credits) Network.AuthServer.SendTransactionSuccessCode(TransactionSuccessCode.Success); } else { Network.AuthServer.SendTransactionSuccessCode(TransactionSuccessCode.LoginFailed); } }
Dictionary <Lite <RoleEntity>, RoleAllowedCache> NewCache() { using (AuthLogic.Disable()) using (new EntityCache(EntityCacheType.ForceNewSealed)) { List <Lite <RoleEntity> > roles = AuthLogic.RolesInOrder().ToList(); var rules = Database.Query <RuleTypeEntity>().ToList(); var errors = GraphExplorer.FullIntegrityCheck(GraphExplorer.FromRoots(rules)); if (errors != null) { throw new IntegrityCheckException(errors); } Dictionary <Lite <RoleEntity>, Dictionary <Type, TypeAllowedAndConditions> > realRules = rules.AgGroupToDictionary(ru => ru.Role, gr => gr .SelectCatch(ru => KeyValuePair.Create(TypeLogic.EntityToType.GetOrThrow(ru.Resource), ru.ToTypeAllowedAndConditions())) .ToDictionaryEx()); Dictionary <Lite <RoleEntity>, RoleAllowedCache> newRules = new Dictionary <Lite <RoleEntity>, RoleAllowedCache>(); foreach (var role in roles) { var related = AuthLogic.RelatedTo(role); newRules.Add(role, new RoleAllowedCache(role, merger, related.Select(r => newRules.GetOrThrow(r)).ToList(), realRules.TryGetC(role))); } return(newRules); } }
public QueryAllowed Merge(object key, Lite <RoleEntity> role, IEnumerable <KeyValuePair <Lite <RoleEntity>, QueryAllowed> > baseValues) { QueryAllowed best = AuthLogic.GetMergeStrategy(role) == MergeStrategy.Union ? Max(baseValues.Select(a => a.Value)) : Min(baseValues.Select(a => a.Value)); var maxUp = QueryAuthLogic.MaxAutomaticUpgrade.TryGetS(key); if (maxUp.HasValue && maxUp <= best) { return(best); } if (!BasicPermission.AutomaticUpgradeOfQueries.IsAuthorized(role)) { return(best); } if (baseValues.Where(a => a.Value.Equals(best)).All(a => GetDefault(key, a.Key).Equals(a.Value))) { var def = GetDefault(key, role); return(maxUp.HasValue && maxUp <= def ? maxUp.Value : def); } return(best); }
static string RefreshToken(AuthToken oldToken, out UserEntity newUser) { newUser = AuthLogic.Disable().Using(_ => Database.Query <UserEntity>().SingleOrDefaultEx(u => u.Id == oldToken.User.Id)); if (newUser == null) { throw new AuthenticationException(AuthMessage.TheUserIsNotLongerInTheDatabase.NiceToString()); } if (newUser.State == UserState.Disabled) { throw new AuthenticationException(AuthMessage.User0IsDisabled.NiceToString(newUser)); } if (newUser.UserName != oldToken.User.UserName) { throw new AuthenticationException(AuthMessage.InvalidUsername.NiceToString()); } if (!newUser.PasswordHash.EmptyIfNull().SequenceEqual(oldToken.User.PasswordHash.EmptyIfNull())) { throw new AuthenticationException(AuthMessage.InvalidPassword.NiceToString()); } AuthToken newToken = new AuthToken { User = newUser, CreationDate = TimeZoneManager.Now, }; var result = SerializeToken(newToken); return(result); }
public string SetCurrentCulture([Required, FromBody] Lite <CultureInfoEntity> culture) { var ci = ExecutionMode.Global().Using(_ => culture.RetrieveAndRemember().ToCultureInfo()); if (UserEntity.Current != null && !UserEntity.Current.Is(AuthLogic.AnonymousUser)) //Won't be used till next refresh { using (AuthLogic.Disable()) using (OperationLogic.AllowSave <UserEntity>()) { var user = UserEntity.Current.ToLite().RetrieveAndRemember(); user.CultureInfo = culture.RetrieveAndRemember(); UserEntity.Current = user; user.Save(); } } ControllerContext.HttpContext.Response.Cookies.Append("language", ci.Name, new CookieOptions { Expires = DateTimeOffset.Now.AddYears(10), Path = "/", IsEssential = true, Domain = Request.Host.Host }); return(ci.Name); }
private void MoveFriendListEntryHandler(List <object> objects) { bool success = AuthLogic.MoveFriend(new Guid((byte[])objects[3]), (FriendList.Type)(uint) objects[2]); Network.AuthServer.TransactionCounter = (uint)objects[1]; Network.AuthServer.SendTransactionSuccessCode(success ? TransactionSuccessCode.Success : TransactionSuccessCode.Aborted); }
public static ResetPasswordRequestEntity SendResetPasswordRequestEmail(string email) { UserEntity?user; using (AuthLogic.Disable()) { user = Database .Query <UserEntity>() .SingleOrDefault(u => u.Email == email && u.State != UserState.Deactivated); if (user == null) { throw new ApplicationException(AuthEmailMessage.EmailNotFound.NiceToString()); } } try { var request = ResetPasswordRequest(user); string url = EmailLogic.Configuration.UrlLeft + @"/auth/ResetPassword?code={0}".FormatWith(request.Code); using (AuthLogic.Disable()) new ResetPasswordRequestEmail(request, url).SendMail(); return(request); } catch (Exception ex) { ex.LogException(); throw new ApplicationException(LoginAuthMessage.AnErrorOccurredRequestNotProcessed.NiceToString()); } }
private void PlayRequest(List <object> objects) { Network.AuthServer.TransactionCounter = (uint)objects[1]; var mapId = (uint)objects[3]; if (mapId != 0) { AuthLogic.Play((Map)mapId); } else { Game.State = GameState.CharacterCreation; Network.AuthServer.Send(AuthServerMessage.Dispatch, Network.AuthServer.TransactionCounter, 0, mapId, new byte[] { 0x02, 0x00, 0x23, 0x98, 0x22, 0x22, 0x22, 0x22, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, 0); } }
private static SignumAuthenticationResult ApiKeyAuthenticator(HttpActionContext ctx) { var nvp = ctx.Request.RequestUri.ParseQueryString(); IEnumerable <string> queryKeys = ctx.Request.RequestUri .ParseQueryString() .GetValues(RestApiKeyLogic.ApiKeyQueryParameter)? .Distinct() ?? Enumerable.Empty <string>(); IEnumerable <string> headerKeys; ctx.Request.Headers.TryGetValues(RestApiKeyLogic.ApiKeyHeaderParameter, out headerKeys); var keys = queryKeys.Union(headerKeys ?? Enumerable.Empty <string>()); if (keys.Count() == 1) { using (AuthLogic.Disable()) { var user = RestApiKeyLogic.RestApiKeyCache.Value.GetOrThrow(keys.Single(), $"Could not authenticate with the API Key {keys.Single()}.").User.Retrieve(); return(new SignumAuthenticationResult { User = user }); } } else if (keys.Count() > 1) { throw new AuthenticationException("Request contains multiple API Keys. Please use a single API Key per request for authentication."); } return(null); }
public void GenerateEnvironment() { var authRules = XDocument.Load(@"..\..\..\..\Southwind.Load\AuthRules.xml"); SouthwindEnvironment.Start(); Administrator.TotalGeneration(); Schema.Current.Initialize(); OperationLogic.AllowSaveGlobally = true; using (AuthLogic.Disable()) { SouthwindEnvironment.LoadBasics(); AuthLogic.LoadRoles(authRules); SouthwindEnvironment.LoadEmployees(); SouthwindEnvironment.LoadUsers(); SouthwindEnvironment.LoadProducts(); SouthwindEnvironment.LoadCustomers(); SouthwindEnvironment.LoadShippers(); AuthLogic.ImportRulesScript(authRules, interactive: false) !.PlainSqlCommand().ExecuteLeaves(); } OperationLogic.AllowSaveGlobally = false; }
internal XElement ExportXml(List <Type>?allTypes) { var rules = runtimeRules.Value; return(new XElement("Types", (from r in AuthLogic.RolesInOrder() let rac = rules.GetOrThrow(r) select new XElement("Role", new XAttribute("Name", r.ToString()), from k in allTypes ?? (rac.DefaultDictionary().OverrideDictionary?.Keys).EmptyIfNull() let allowedBase = rac.GetAllowedBase(k) let allowed = rac.GetAllowed(k) where allTypes != null || !allowed.Equals(allowedBase) let resource = TypeLogic.GetCleanName(k) orderby resource select new XElement("Type", new XAttribute("Resource", resource), new XAttribute("Allowed", allowed.Fallback.ToString()), from c in allowed.Conditions let conditionName = c.TypeCondition.Key orderby conditionName select new XElement("Condition", new XAttribute("Name", conditionName), new XAttribute("Allowed", c.Allowed.ToString())) ) ) ))); }
public IActionResult Login(IFormCollection collection) { var email = new StringValues(); var pass = new StringValues(); string token = ""; if (collection.TryGetValue("Email", out email) && collection.TryGetValue("Password", out pass)) { try { var auth = new AuthLogic(); auth.Email = email.ToString(); auth.Password = pass.ToString(); token = auth.Login(); return(RedirectToAction("Index", "Profile", new { token = token })); } catch (Exception) { return(Error()); } } else { return(Error()); } }
/// <summary> /// Constructor /// </summary> public override void OnActionExecuting(HttpActionContext context) { AuthLogic authLogic = new AuthLogic(db); JSendMessage json; var header = context.Request.Headers.SingleOrDefault(x => x.Key == "token"); bool valid, isAdmin, okDate; if (header.Value == null) { valid = false; } else { // Tokenul apartine unui admin isAdmin = authLogic.VerifyAdminToken(header.Value.First()); // Tokenul este valid okDate = authLogic.VerifyTokenDate(header.Value.First()); valid = isAdmin && okDate; } if (!valid) { json = new JSendMessage("fail", "Invalid Authorization Key"); context.Response = context.Request.CreateResponse(HttpStatusCode.Forbidden, json); } }