public HttpResponseMessage Post([FromBody] Login login)
{
var response = new HttpResponseMessage();
var user = _authenticatorProvider.Login(login.Username, login.Password);
if (null != user)
{
response = Request.CreateResponse(HttpStatusCode.Accepted, user);
}
else
{
response.StatusCode = HttpStatusCode.Forbidden;
}
return(response);
}
protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
if (request.RequestUri.LocalPath.EndsWith("user") || request.RequestUri.LocalPath.EndsWith("activity"))
{
var response = await base.SendAsync(request, cancellationToken);
return(response);
}
var authHeader = request.Headers.Authorization;
if (authHeader == null)
{
return(await CreateUnauthorizedResponse());
}
if (authHeader.Scheme != BasicScheme)
{
return(await CreateUnauthorizedResponse());
}
var encodedCredentials = authHeader.Parameter;
var credentialBytes = Convert.FromBase64String(encodedCredentials);
var credentials = Encoding.ASCII.GetString(credentialBytes);
var credentialParts = credentials.Split(AuthorizationHeaderSeparator);
if (credentialParts.Length != 2)
{
return(await CreateUnauthorizedResponse());
}
var username = credentialParts[0].Trim();
var password = credentialParts[1].Trim();
if (null != _authenticatorProvider.Login(username, password))
{
var response = await base.SendAsync(request, cancellationToken);
return(response);
}
return(await CreateUnauthorizedResponse());
}