/// <summary>
/// Looks up the client token carried by the incoming MVC request and, when the
/// token is found and passes <c>AccessTokens.IsValid</c>, records the login,
/// populates <c>MetaUser</c> and assigns a claims principal to the HTTP context.
/// <c>base.Initialize</c> runs in every case.
/// </summary>
/// <param name="context">The request context of the current MVC request.</param>
protected override void Initialize(RequestContext context)
{
    string rawToken = context.HttpContext.Request.GetClientToken();
    var tokenProvider = new Provider(DbConvention.GetCatalog());
    var accessToken = tokenProvider.GetToken(rawToken);
    string catalog = DbConvention.GetCatalog();

    // IsValid receives the stored token value together with the caller's IP
    // address and user agent; what it checks them against is not visible here.
    // When the token is missing or rejected, this method assigns no principal
    // and the request continues: access control for unauthenticated callers
    // has to be enforced elsewhere (presumably authorization filters; confirm).
    if (accessToken != null &&
        AccessTokens.IsValid(
            accessToken.ClientToken,
            context.HttpContext.GetClientIpAddress(),
            context.HttpContext.GetUserAgent()))
    {
        AppUsers.SetCurrentLogin(catalog, accessToken.LoginId);
        var login = AppUsers.GetCurrent(catalog, accessToken.LoginId);

        // User and office ids are taken from the token itself in this overload.
        this.MetaUser = new MetaUser
        {
            Catalog = catalog,
            ClientToken = accessToken.ClientToken,
            LoginId = accessToken.LoginId,
            UserId = accessToken.UserId,
            OfficeId = accessToken.OfficeId
        };

        // A non-empty authentication type is what makes
        // ClaimsIdentity.IsAuthenticated report true for this identity.
        var claimsIdentity = new ClaimsIdentity(
            accessToken.Claims,
            DefaultAuthenticationTypes.ApplicationCookie,
            ClaimTypes.NameIdentifier,
            ClaimTypes.Role);

        string loginIdText = accessToken.LoginId.ToString(CultureInfo.InvariantCulture);
        claimsIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, loginIdText));

        // Role and e-mail claims come from the login view, not from the token.
        // NOTE(review): login is dereferenced without a null check; confirm
        // AppUsers.GetCurrent cannot return null for a login id taken from a valid token.
        if (login.RoleName != null)
        {
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, login.RoleName));
        }

        if (login.Email != null)
        {
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Email, login.Email));
        }

        context.HttpContext.User = new ClaimsPrincipal(claimsIdentity);
    }

    base.Initialize(context);
}
/// <summary>
/// Looks up the bearer token carried by the incoming Web API request and, when
/// a matching token record is found, records the login, populates
/// <c>MetaUser</c> and assigns a claims principal to the request context.
/// <c>base.Initialize</c> runs in every case.
/// </summary>
/// <param name="context">The controller context of the current Web API request.</param>
protected override void Initialize(HttpControllerContext context)
{
    string bearerToken = context.Request.GetBearerToken();
    var tokenProvider = new Provider(DbConvention.GetCatalog());
    var accessToken = tokenProvider.GetToken(bearerToken);
    string catalog = DbConvention.GetCatalog();

    // NOTE(review): the only gate here is that the provider returned a token
    // record. The RequestContext overload of Initialize additionally calls
    // AccessTokens.IsValid with the caller's IP address and user agent; no such
    // call is made on this path. Confirm that Provider.GetToken already rejects
    // revoked or expired tokens, or add the equivalent validation here.
    if (accessToken != null)
    {
        AppUsers.SetCurrentLogin(catalog, accessToken.LoginId);
        var login = AppUsers.GetCurrent(catalog, accessToken.LoginId);

        // In this overload the user and office ids come from the login view
        // (converted with To<int>()), not from the token.
        // NOTE(review): login is dereferenced without a null check; confirm
        // AppUsers.GetCurrent cannot return null for a login id taken from a token.
        this.MetaUser = new MetaUser
        {
            Catalog = DbConvention.GetCatalog(),
            ClientToken = accessToken.ClientToken,
            LoginId = accessToken.LoginId,
            UserId = login.UserId.To<int>(),
            OfficeId = login.OfficeId.To<int>()
        };

        // NOTE(review): this identity is built without an authentication type,
        // so ClaimsIdentity.IsAuthenticated is false for the resulting
        // principal. Confirm that authorization on API controllers does not
        // depend on IsAuthenticated, or that this is deliberate.
        var claimsIdentity = new ClaimsIdentity(accessToken.Claims);

        string loginIdText = accessToken.LoginId.ToString(CultureInfo.InvariantCulture);
        claimsIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, loginIdText));

        if (login.RoleName != null)
        {
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, login.RoleName));
        }

        if (login.Email != null)
        {
            claimsIdentity.AddClaim(new Claim(ClaimTypes.Email, login.Email));
        }

        var principal = new ClaimsPrincipal(claimsIdentity);
        context.RequestContext.Principal = principal;
    }

    base.Initialize(context);
}