Example #1
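            /// <summary>
            /// Lets the action run only when the request carries HTTP Basic credentials that match
            /// the pair returned by <c>_applicationSettings.GetBasicAuth()</c>; otherwise short-circuits
            /// the pipeline with an error payload.
            /// </summary>
            /// <param name="context">The executing-action context whose request headers are inspected
            /// and whose <c>Result</c> is set on rejection.</param>
            /// <remarks>
            /// A missing, malformed or non-matching Authorization header is treated as a failed
            /// authentication rather than raising an exception. Basic credentials are only base64-encoded,
            /// so this check is meaningful only when the endpoint is reached over TLS.
            /// </remarks>
            public void OnActionExecuting(ActionExecutingContext context)
            {
                const string scheme = "Basic ";

                var definedBasicAuth = _applicationSettings.GetBasicAuth();

                // Count guard: an Authorization header that is present but has no values must not be indexed.
                if (context.HttpContext.Request.Headers.TryGetValue("Authorization", out StringValues iAuthHeader)
                    && iAuthHeader.Count > 0)
                {
                    string authHeader = iAuthHeader[0];

                    // Require the scheme name followed by a space. Matching only "basic" would let a bare
                    // "Basic" header through to Substring with an offset past the end of the string.
                    if (authHeader != null && authHeader.StartsWith(scheme, StringComparison.OrdinalIgnoreCase))
                    {
                        var token = authHeader.Substring(scheme.Length).Trim();

                        try
                        {
                            byte[] presented = Convert.FromBase64String(token);
                            byte[] expected  = Encoding.UTF8.GetBytes(definedBasicAuth.UserName + ":" + definedBasicAuth.Password);

                            // Compare the raw bytes without an early exit so the response time does not
                            // depend on how many leading characters of the secret were guessed correctly.
                            if (BasicAuthFixedTimeEquals(presented, expected))
                            {
                                return;
                            }
                        }
                        catch (FormatException)
                        {
                            // Client-supplied token is not valid base64: fall through to the rejection
                            // below instead of surfacing an unhandled exception.
                        }
                    }
                }

                var result = new Response
                {
                    status  = "error",
                    message = "you are not authorized to perform this action"
                };

                // NOTE(review): no StatusCode is set on this ObjectResult, so the rejection appears to be
                // sent with the framework's default status rather than 401. Left unchanged because
                // existing clients may key on the body; consider 401 plus a WWW-Authenticate header.
                context.Result = new ObjectResult(result);
            }

            /// <summary>
            /// Compares two byte sequences without returning early on the first mismatch.
            /// </summary>
            /// <param name="presented">Bytes supplied by the client.</param>
            /// <param name="expected">Bytes of the configured credential string.</param>
            /// <returns><c>true</c> only when both sequences have the same length and content.</returns>
            private static bool BasicAuthFixedTimeEquals(byte[] presented, byte[] expected)
            {
                if (expected.Length == 0)
                {
                    return presented.Length == 0;
                }

                // A length difference is folded into the accumulator instead of being returned immediately.
                int difference = presented.Length ^ expected.Length;

                // Iterate over the client-supplied length; the modulo keeps the index into
                // 'expected' in range when the lengths differ.
                for (int i = 0; i < presented.Length; i++)
                {
                    difference |= presented[i] ^ expected[i % expected.Length];
                }

                return difference == 0;
            }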