public async Task <HttpResponseMessage> LoginAccount([FromBody] Credent credential)
{
Resumes resumes = new Resumes();
string id = await resumes.checkIndent(credential.Account, credential.Password);
if (id == null)
{
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
return(Request.CreateResponse(HttpStatusCode.Found, id));
}
//<----defines the authenticate logic---->
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
HttpRequestMessage request = context.Request;
AuthenticationHeaderValue authentication = request.Headers.Authorization;
if (request.Headers.Authorization != null && request.Headers.Authorization.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase))
{
string enUsernameAndPassword = authentication.Parameter;
if (enUsernameAndPassword != null)
{
try
{
// Convert 64-base encoding credential to binary
Encoding encoding = Encoding.GetEncoding("ISO-8859-1");
string UsernameAndPassword;
UsernameAndPassword = encoding.GetString(Convert.FromBase64String(enUsernameAndPassword));
int seperator = UsernameAndPassword.IndexOf(':');
string username = UsernameAndPassword.Substring(0, seperator);
string password = UsernameAndPassword.Substring(seperator + 1);
Resumes resumes = new Resumes();
// if username is Tom, password is 123, authenticate. Otherwise, unauthenticate.
if (await resumes.checkIndent(username, password) != null)
{
var claims = new List <Claim>()
{
new Claim(ClaimTypes.Name, username)
};
var id = new ClaimsIdentity(claims, "Basic");
var principal = new ClaimsPrincipal(new[] { id });
context.Principal = principal;
}
}
catch (FormatException)
{
HttpContext.Current.Response.StatusCode = 401;
}
}
}
else
{
context.ErrorResult = new UnauthorizedResult(new AuthenticationHeaderValue[0], context.Request);
}
}
