protected override bool AuthorizeCore(HttpContextBase httpContext) { var cookie = httpContext.Request.Cookies.AllKeys.Contains("token") ? httpContext.Request.Cookies["token"] : null; if (cookie == null) { return(false); } var token = cookie.Value; if (string.IsNullOrEmpty(token)) { return(false); } var tokenIsValid = JwtTokenProvider.IsValid(token); if (!tokenIsValid) { return(false); } var userModel = JwtTokenProvider.GetUserModel(token); foreach (var role in allowedroles) { if (userModel.Roles.Any(r => r == role)) { return(true); } } return(false); }