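/// <summary>
/// Authorizes a Web API request against the claim configured on this filter.
/// The request is rejected with 401 Unauthorized unless the caller is an
/// authenticated <see cref="ClaimsPrincipal"/>, carries a "user" claim that is not
/// in the logged-out list returned by <c>UserConfig.GetLoggedOutUser()</c>, and holds
/// a claim matching <c>ClaimType</c> / <c>ClaimValue</c>.
/// </summary>
/// <param name="actionContext">Context of the action being authorized; its Response is set when access is denied.</param>
/// <param name="cancellationToken">Not observed; the method completes synchronously.</param>
/// <returns>An already-completed task on every path.</returns>
public override Task OnAuthorizationAsync(HttpActionContext actionContext, CancellationToken cancellationToken)
{
    // No asynchronous work is done, so every path hands back the same completed task.
    Task completed = Task.FromResult<object>(null);

    // [AllowAnonymous] on the action or on its controller skips every check below.
    bool anonymousAllowed =
        actionContext.ActionDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any()
        || actionContext.ControllerContext.ControllerDescriptor.GetCustomAttributes<AllowAnonymousAttribute>().Any();
    if (anonymousAllowed)
    {
        return completed;
    }

    var principal = actionContext.RequestContext.Principal as ClaimsPrincipal;

    // Fail closed: every condition that cannot be positively verified leaves this false.
    bool authorized = false;

    // A principal that is missing, is not a ClaimsPrincipal, or has no identity is
    // treated as unauthenticated instead of raising a NullReferenceException.
    if (principal != null && principal.Identity != null && principal.Identity.IsAuthenticated)
    {
        // The logged-out list is looked up by the "user" claim. A token without that
        // claim cannot be checked against the list, so it is denied.
        Claim userClaim = principal.FindFirst(e => e.Type == "user");
        if (userClaim != null && !UserConfig.GetLoggedOutUser().Contains(userClaim.Value))
        {
            // Ordinal, case-insensitive comparison replaces the culture-sensitive
            // ToLower() round trip, whose result depends on the thread culture.
            // An empty claim value is rejected explicitly: the empty string is
            // "contained" in every ClaimValue and would otherwise always match.
            // NOTE(review): this remains a substring test against ClaimValue, kept for
            // compatibility. A claim value that is only a fragment of a configured value
            // is accepted. If ClaimValue is a list of allowed values, split it on its
            // delimiter and compare each entry for equality (delimiter not visible here).
            authorized = principal.HasClaim(e =>
                !string.IsNullOrEmpty(e.Value)
                && ClaimValue != null
                && string.Equals(e.Type, ClaimType, System.StringComparison.OrdinalIgnoreCase)
                && ClaimValue.IndexOf(e.Value, System.StringComparison.OrdinalIgnoreCase) >= 0);
        }
    }

    if (!authorized)
    {
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    return completed;
}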
/// <summary>
/// Returns the current logged-out user list from <c>UserConfig.GetLoggedOutUser()</c>
/// as the body of a 200 OK response.
/// </summary>
/// <returns>An OK result wrapping the logged-out user collection.</returns>
/// <remarks>
/// NOTE(review): the response contains user identifiers. No authorization or routing
/// attributes are visible on this action here; confirm it is restricted to callers
/// entitled to see this list.
/// </remarks>
public IHttpActionResult LogedOutUsers()
{
    var loggedOutUsers = UserConfig.GetLoggedOutUser();
    return Ok(loggedOutUsers);
}