public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (aExecuting)
{
var authHeader = filterContext.HttpContext.Request.Headers[authHeaderKey];
if (authHeader != null)
{
var basicTokens = authHeader.Split(' ');
if (!"Basic".Equals(basicTokens[0]))
{
HandleUnauthorized(filterContext);
return;
}
var decodedAuthToken = Base64Decode(basicTokens[1]);
var vals = decodedAuthToken.Split(':');
var username = vals[0];
var password = vals[1];
Employee emp = EmployeeDAO.GetUserPassword(username);
if (emp != null && password.Equals(emp.Password))
{
AuthUtil.CreatePrincipal(emp);
base.OnActionExecuting(filterContext);
return;
}
}
HandleUnauthorized(filterContext);
}
}
public Dictionary <string, object> Login(Employee emp)
{
Dictionary <string, object> resDict = new Dictionary <string, object>();
Employee emp2 = EmployeeDAO.GetUserPassword(emp.UserName);
if (emp2 == null || string.IsNullOrEmpty(emp2.UserName))
{
resDict.Add("login", false);
resDict.Add("msg", "Username not found");
}
else if (!emp.Password.Equals(emp2.Password))
{
resDict.Add("login", false);
resDict.Add("msg", "Incorrect password");
}
else
{
resDict.Add("login", true);
resDict.Add("msg", "Login success");
resDict.Add("emp", emp2);
AuthUtil.CreatePrincipal(emp2);
}
return(resDict);
}