Example #1
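        /// <summary>
        /// Authorizes the request from a token carried in a request header, then
        /// delegates to the base filter.
        /// </summary>
        /// <remarks>
        /// The admin token header is checked first; when it is present, the regular
        /// auth token header is not consulted at all. A request is rejected with
        /// 401 Unauthorized when the header that is present carries an empty or
        /// invalid token, and also when neither header is present (fail closed).
        /// </remarks>
        /// <param name="actionContext">Context of the action being authorized.</param>
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            var headers = actionContext.Request.Headers;
            IEnumerable<string> values;
            bool authorized;

            if (headers.TryGetValues(Constants.Headers.AdminTokenHeader, out values))
            {
                // Only the first value of a repeated header is considered.
                var adminToken = values.FirstOrDefault();
                authorized = !string.IsNullOrWhiteSpace(adminToken)
                    && CommonExtensions.IsValidAdminToken(adminToken);
            }
            else if (headers.TryGetValues(Constants.Headers.AuthTokenHeader, out values))
            {
                var authToken = values.FirstOrDefault();
                authorized = !string.IsNullOrWhiteSpace(authToken)
                    && CommonExtensions.IsValidToken(authToken);
            }
            else
            {
                // No token header at all. Previously this path set no response, so
                // the outcome depended entirely on what the base filter does; treat
                // a missing credential the same as an invalid one.
                // NOTE(review): if some actions are meant to be reachable without a
                // token, exempt them explicitly instead of relying on this path.
                authorized = false;
            }

            if (!authorized)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
            }

            // The base call is kept unconditional, as in the original.
            base.OnAuthorization(actionContext);
        }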