public void OnAuthorization(System.Web.Mvc.AuthorizationContext filterContext)
{
fmpEntities fmp = new fmpEntities();
try
{
string username = filterContext.RequestContext.HttpContext.Request.Headers.Get("logusr");
string token = filterContext.RequestContext.HttpContext.Request.Headers.Get("token");
string password = (from u in fmp.users
where u.username == username
select u.password).FirstOrDefault();
if (!utilities.Security.isValidToken(username, password, token))
{
filterContext.Result = new HttpUnauthorizedResult();
}
}
catch (Exception e)
{
filterContext.Result = new HttpUnauthorizedResult();
}
}
