public override void OnActionExecuting(HttpActionContext actionContext) { try { var headers = actionContext.Request.Headers; if (headers.Authorization != null) { if (headers.Authorization.Scheme == "Token") { using (UserRepo repo = new UserRepo()) { var result = repo.Auth(headers.Authorization.Parameter); if (result == null) throw new UnauthorizedException(); actionContext.ActionArguments.Add(KEY, result.Value); } } } else throw new UnauthorizedException(); } catch (UnauthorizedException) { actionContext.Response = new HttpResponseMessage { StatusCode = HttpStatusCode.Unauthorized, }; } }