protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            #region Task5
            // TODO:  Find if a header ‘ApiKey’ exists, and if it does, check the database to determine if the given API Key is valid
            //        Then authorise the principle on the current thread using a claim, claimidentity and claimsprinciple

            IEnumerable <string> headerValues;
            string headerKey = "";

            if (request.Headers.TryGetValues("ApiKey", out headerValues))
            {
                headerKey = headerValues.First();
                UserDatabaseAccess accessor = new UserDatabaseAccess();
                User existingUser           = accessor.CheckandGetUserExists(headerKey);

                //Will check for user even if nothing exists as header key is "".
                //Maybe not the best idea for efficiency but it's ok for now.
                if (existingUser != null)
                {
                    //Then the key is valid.
                    Claim           claim     = new Claim(ClaimTypes.Name, existingUser.m_UserName);
                    ClaimsIdentity  identity  = new ClaimsIdentity(new[] { claim }, "ApiKey");
                    ClaimsPrincipal principal = new ClaimsPrincipal(identity);
                    Thread.CurrentPrincipal = principal;
                }
            }
            #endregion
            return(base.SendAsync(request, cancellationToken));
        }
        public string Get()
        {
            string headerKey = Request.Headers.GetValues("ApiKey").First();
            User   user      = accessor.CheckandGetUserExists(headerKey);

            accessor.CreateNewLogEntry(headerKey, "User request Protected/Hello");
            return("Hello " + user.m_UserName);
        }
        public bool Delete([FromUri] string username)
        {
            string headerKey = Request.Headers.GetValues("ApiKey").First();
            User   user      = accessor.CheckandGetUserExists(headerKey);

            if (user != null && user.m_UserName == username)
            {
                accessor.DeleteUser(headerKey);
                accessor.CreateNewLogEntry(headerKey, "User request User/Delete");
                return(true);
            }
            return(false);
        }