コード例 #1
        /// <summary>
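        /// Called when a request needs authorization: looks up the caller's credentials from the
        /// bearer token and answers 401 Unauthorized when those credentials are invalid.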
        /// </summary>
        /// <param name="actionContext">The action context, which encapsulates information for using <see cref="T:System.Web.Http.Filters.AuthorizationFilterAttribute" />.</param>
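        public override void OnAuthorization(HttpActionContext actionContext)
        {
            // The authentication service is resolved through the controller activator's kernel.
            var activator = GlobalConfiguration.Configuration.Services.GetHttpControllerActivator()
                            as NinjectKernelActivator;

            if (activator == null)
            {
                // A different activator is a configuration error. Stop with an explicit exception
                // instead of a NullReferenceException; either way the request does not proceed.
                throw new System.InvalidOperationException(
                    "The registered controller activator is not a NinjectKernelActivator; IAuthenticationService cannot be resolved.");
            }

            var authService = activator.Kernel.Get<IAuthenticationService>() as IAuthenticationService;

            // NOTE(review): what GetBearerToken returns when the header is absent is not visible here;
            // the authentication service must treat a missing or empty token as invalid.
            var token = actionContext.GetBearerToken();

            var credentials = authService.GetUserCredentialsByToken(token);

            if (credentials == null)
            {
                // No credentials could be established: deny rather than fall through.
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                return;
            }

            if (credentials.AuthStatus == CredentialsStatus.Invalid)
            {
                // NOTE(review): the credentials object is sent back in the 401 body; confirm it
                // carries nothing the unauthenticated caller should not see.
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized,
                                                                              new ApiResponse(credentials, new ErrorContent()));

                // Stop here so the token of a rejected request is never attached to the controller.
                return;
            }

            // NOTE(review): only CredentialsStatus.Invalid is rejected, so every other status is
            // treated as authorized. Confirm that is intended; comparing against the explicit
            // success status would fail closed if new statuses are added.
            var controller = actionContext.ControllerContext.Controller as ApiControllerBase;

            if (controller != null)
            {
                // Make the validated token available to the action that is about to run.
                controller.CurrentAuthToken = credentials.AuthToken;
            }
        }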