protected override bool CheckAccessCore(OperationContext operationContext)
{
var factory = new Backend.DAL_implementation.RepositoryFactory();
var accRepo = factory.GetRepository <Account>();
var identity = operationContext.ServiceSecurityContext.PrimaryIdentity;
var user = accRepo.Get().FirstOrDefault(acc => acc.Name == identity.Name);
if (user == null)
{
operationContext.ServiceSecurityContext.AuthorizationContext.Properties["Principal"] = new GenericPrincipal(operationContext.ServiceSecurityContext.PrimaryIdentity, new string[] { "Anonymous" });
return(true);
}
var role = user.Role.Symbol;
operationContext.ServiceSecurityContext.AuthorizationContext.Properties["Principal"] = new GenericPrincipal(operationContext.ServiceSecurityContext.PrimaryIdentity, new string[] { role });
return(true);
}
public override void Validate(string userName, string password)
{
var factory = new Backend.DAL_implementation.RepositoryFactory();
var accRepo = factory.GetRepository <Account>();
var user = accRepo.Get().FirstOrDefault(acc => acc.Name == userName);
if (user == null)
{
throw new FaultException("user not found");
}
else
{
var isPasswordMatched = ValidationHelper.ValidatePassword(password, new UserPasswordHashed {
HashedPassword = user.PasswordHash, PasswordSalt = user.PasswordSalt
});
if (!isPasswordMatched)
{
throw new FaultException("wrong password");
}
}
}
