protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request,
                                                               CancellationToken cancellationToken)
        {
            AuthenticationHeaderValue header = request.Headers.Authorization;
            if (header != null && header.Scheme.Equals("Basic", StringComparison.OrdinalIgnoreCase))
            {
                Credentials credentials = GetBase64Credentials(header.Parameter);
                var session = request.Properties[Application.Keys.RavenDbSessionKey] as IDocumentSession;
                Person person = session.Query<Person>().FirstOrDefault(
                    p => p.Username.Equals(credentials.Username, StringComparison.InvariantCultureIgnoreCase));

                if (person.IsThePassword(credentials.Password))
                {
                    var identity = new PersonIdentity(person);
                    Thread.CurrentPrincipal = new GenericPrincipal(identity, person.Roles.ToArray());
                }
            }

            return base.SendAsync(request, cancellationToken).ContinueWith(
                t =>
                    {
                        if (t.Result.StatusCode == HttpStatusCode.Unauthorized)
                        {
                            t.Result.Headers.WwwAuthenticate.Add(
                                new AuthenticationHeaderValue("Basic", "realm=\"Teamworks Api\""));
                        }
                        return t.Result;
                    });
            ;
        }
        public override void OnActionExecuting(HttpActionContext context)
        {
            IIdentity identity = HttpContext.Current.User.Identity;
            if (!string.IsNullOrEmpty(identity.Name) &&
                identity.AuthenticationType.Equals("Forms", StringComparison.OrdinalIgnoreCase))
            {
                var session = context.Request.Properties[Application.Keys.RavenDbSessionKey] as IDocumentSession;
                var person = session.Load<Person>(identity.Name);
                if (person != null)
                {
                    identity = new PersonIdentity(person);
                    Thread.CurrentPrincipal = new GenericPrincipal(identity, person.Roles.ToArray());
                }
            }

            base.OnActionExecuting(context);
        }