public override void OnAuthorization(HttpActionContext actionContext)
{
if (actionContext.Request.Headers.Authorization == null)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
"you must send user name + pwd in basic authentication");
return;
}
string basicAuthBase64Token = actionContext.Request.Headers.Authorization.Parameter;
string decodedString = Encoding.UTF8.GetString(Convert.FromBase64String(basicAuthBase64Token)); // itay:12345
string[] authParams = decodedString.Split(':');
string username = authParams[0];
string pwd = authParams[1];
ILoginToken token = FlightCenterSystem.Login(username, pwd, out BaseFacade facade);
// checked if facade/token is null
// 1 examine the token
//if (token is LoginToken<Administrator>)
if (facade is AdminFacade)
{
// ok to go
// check if actionContext.Request.RequestUri -- is admin ?
}
else
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
"User is not admin. please try again");
}
}
public void LoginAirline()
{
countryDAO.Add(new Country("Israel"));
AirlineCompany airlineUser = airlineDAO.Add(new AirlineCompany("ELAL", "ELALUSERNAME", "ELALPASSWORD", countryDAO.GetCountryByName("Israel").ID));
FacadeBase facade;
ILoginToken loginToken;
centerSystem.Login("ELALUSERNAME", "ELALPASSWORD", out facade, out loginToken);
Assert.IsTrue(loginToken is LoginToken <AirlineCompany>);
Assert.IsTrue(facade is LoggedInAirlineFacadeMSSQL);
}
