private bool AttachBasic(HttpContext context, string token) { try { var temp = token.Split(" "); if (temp[0] == "Bearer") { return(false); } if (temp[0] != "Basic" || temp.Length != 2) { throw new Exception("malformed basic authorization header"); } temp = Encoding.UTF8.GetString(Convert.FromBase64String(temp[1])).Split(":"); if (temp.Length != 2) { throw new Exception("malformed basic authorization header"); } temp[1] = Convert.ToBase64String(KeyDerivation.Pbkdf2(temp[1], _config.Salt, KeyDerivationPrf.HMACSHA1, 1000, 256 / 8)); if (_persistence.CheckUserPassword(temp[0], temp[1])) { context.Items["User"] = _persistence.GetUserByName(temp[0]); } else { throw new Exception("invalid basic authorization credentials"); } return(true); } catch (Exception e) { _log.Log(e.ToString()); return(false); } }