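/// <summary>
/// Authenticates the request from the token carried in the Authorization header.
/// The header parameter is looked up in <c>UserTokens</c> by <c>TokenCode</c>; on a match a
/// <see cref="GenericPrincipal"/> is built from the token row (identity name = <c>UserId</c>,
/// single role = <c>RoleId</c>) and installed on the current thread and, when present, on
/// <c>HttpContext.Current</c>. In every other case the request is answered with 401 Unauthorized.
/// </summary>
/// <param name="actionContext">The action context of the request being authorized.</param>
public override void OnAuthorization(HttpActionContext actionContext)
{
    var authorizeHeader = actionContext.Request.Headers.Authorization;

    // NOTE(review): the Authorization scheme is not validated; a check for it was commented out
    // in the original, so a token sent under any scheme is accepted. If only Bearer is intended,
    // compare authorizeHeader.Scheme with "Bearer" (no trailing space) using OrdinalIgnoreCase.
    if (authorizeHeader != null && !String.IsNullOrEmpty(authorizeHeader.Parameter))
    {
        string presentedToken = authorizeHeader.Parameter;

        // Dispose the context when the lookup is done; the original created one per request and
        // never released it. Assumes FriendFitDBContext is an IDisposable EF-style context.
        using (var objFriendFitEntities = new FriendFitDBContext())
        {
            // NOTE(review): the header value is compared directly with the stored TokenCode, so
            // the database holds usable tokens as-is; storing a hash of the token and comparing
            // hashes would limit the impact of a database read exposure.
            // NOTE(review): only TokenCode is matched here. If UserTokens carries an expiry or
            // revocation column it is not consulted in this method - confirm against the schema.
            var existingToken = objFriendFitEntities.UserTokens
                .FirstOrDefault(x => x.TokenCode == presentedToken);

            if (existingToken != null)
            {
                var identity = new GenericIdentity(existingToken.UserId.ToString());
                var roles = new[] { existingToken.RoleId.ToString() };
                var principal = new GenericPrincipal(identity, roles);

                // Set both principals so code reading either one sees the same caller.
                Thread.CurrentPrincipal = principal;
                if (HttpContext.Current != null)
                {
                    HttpContext.Current.User = principal;
                }

                return;
            }
        }
    }

    // Missing header, empty token or unknown token: reject the request.
    // The body text is kept byte-for-byte for existing clients, although this filter checks a
    // token rather than a username and password.
    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
    actionContext.Response.Content = new StringContent("Username and password are missings or invalid");
}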
/// <summary>
/// Creates the wrapper with its own <c>FriendFitDBContext</c>, stored in
/// <c>_objFriendFitDBEntity</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the context is created here and kept in a field; whether the class disposes it
/// is not visible from this constructor - confirm.
/// </remarks>
public EmailTrackerWrapper()
{
    this._objFriendFitDBEntity = new FriendFitDBContext();
}