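/// <summary>
/// Validates the HTTP Basic credentials carried by <paramref name="request"/> and, on success,
/// loads the caller's teams and attaches a freshly generated JWT.
/// </summary>
/// <param name="request">Incoming request; only its <c>Authorization</c> header is read.</param>
/// <param name="teamsOfUser">Receives the authenticated user's teams with <c>Token</c> populated.</param>
/// <exception cref="CustomHttpException">
/// 400 when the header is absent, not the Basic scheme, empty, not valid base64, or lacks the
/// <c>user:password</c> separator; 401 when <see cref="Authentication.Login"/> rejects the credentials.
/// </exception>
public static void Authenticate(HttpRequestMessage request, out TeamsOfUser teamsOfUser)
{
    var authorization = request.Headers.Authorization;
    if (authorization == null)
    {
        throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Authorization header missing");
    }

    // RFC 7617: the scheme token is case-insensitive, so "basic" must be accepted as well.
    if (!string.Equals(authorization.Scheme, "Basic", StringComparison.OrdinalIgnoreCase))
    {
        throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Basic authorization header missing");
    }

    // Parameter is null for a bare "Authorization: Basic" header; checking it before calling
    // Trim() turns what was a NullReferenceException (HTTP 500) into a 400.
    if (string.IsNullOrWhiteSpace(authorization.Parameter))
    {
        throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Missing credentials");
    }

    string credentials;
    try
    {
        credentials = Encoding.UTF8.GetString(Convert.FromBase64String(authorization.Parameter));
    }
    catch (FormatException)
    {
        // Malformed base64 is a client error, not a server fault.
        throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Malformed credentials");
    }

    // RFC 7617: split on the FIRST ':' only — the password itself may contain colons, and a
    // credential with no separator at all must not index past the end of the split result.
    var separator = credentials.IndexOf(':');
    if (separator < 0)
    {
        throw new CustomHttpException(System.Net.HttpStatusCode.BadRequest, "Malformed credentials");
    }
    var username = credentials.Substring(0, separator);
    var password = credentials.Substring(separator + 1);

    teamsOfUser = Authentication.Login(username, password);
    if (teamsOfUser == null)
    {
        // Deliberately generic message: does not reveal whether the username exists.
        throw new CustomHttpException(System.Net.HttpStatusCode.Unauthorized, "Wrong username or password");
    }

    teamsOfUser.Token = JwtManager.GenerateToken(username);
}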
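/// <summary>
/// Looks up <paramref name="username"/> and verifies <paramref name="password"/> against the stored
/// salted hash. Returns the user together with every team they belong to, or <c>null</c> when the
/// user does not exist or the password does not match.
/// </summary>
/// <param name="username">User name as sent by the client; matched by the EF query, so the database
/// collation decides whether the comparison is case-sensitive.</param>
/// <param name="password">Clear-text password to verify.</param>
/// <returns>A populated <see cref="TeamsOfUser"/>, or <c>null</c> on any failure.</returns>
public static TeamsOfUser Login(string username, string password)
{
    using (var ctx = new EFContext())
    {
        // Left join, so a user with no team memberships still yields one row with Team == null.
        var userTeams = (from u in ctx.Users
                         join ut in ctx.UserTeams.Include(x => x.User).Include(x => x.Team)
                             on u.UserId equals ut.UserId into gj
                         from x in gj.DefaultIfEmpty()
                         select new { x.Team, User = u })
                        .Where(x => x.User.UserName == username)
                        .ToList();
        if (userTeams.Count <= 0)
        {
            // NOTE(review): returning before any hashing makes unknown-user requests measurably
            // faster than wrong-password ones (username enumeration via timing). Hashing a dummy
            // value here would close that gap if it matters for this deployment.
            return null;
        }

        // Every row carries the same User entity, so the first row is as good as any.
        var model = new TeamsOfUser()
        {
            User = userTeams[0].User,
            Teams = userTeams.Where(x => x.Team != null).Select(x => x.Team).ToList(),
        };

        var storedHash = model.User.PasswordHash;
        var computedHash = HashingPasswords.GenerateHash(password, model.User.PasswordSalt);

        // A plain == on strings short-circuits at the first differing character, which leaks how
        // much of the hash matched; compare in constant time instead. This also rejects a null
        // stored hash, which == would have accepted when the generator returned null too.
        // Assumes PasswordHash and GenerateHash() are both strings — confirm against User/HashingPasswords.
        if (PasswordHashesMatch(storedHash, computedHash))
        {
            // NOTE(review): model.User still carries PasswordHash/PasswordSalt; make sure the caller
            // does not serialise this object to the client as-is.
            return model;
        }
        return null;
    }
}

/// <summary>
/// Compares two hash strings in time that depends only on their length, never on where they
/// first differ. On .NET Core 2.1+/.NET 5+ prefer
/// <c>System.Security.Cryptography.CryptographicOperations.FixedTimeEquals</c>; this version is
/// kept framework-neutral because the target runtime is not visible here.
/// </summary>
/// <param name="expected">Hash stored for the user; <c>null</c> never matches.</param>
/// <param name="actual">Hash computed from the supplied password; <c>null</c> never matches.</param>
/// <returns><c>true</c> only when both are non-null and character-for-character equal.</returns>
private static bool PasswordHashesMatch(string expected, string actual)
{
    if (expected == null || actual == null || expected.Length != actual.Length)
    {
        return false;
    }

    // Accumulate every difference instead of returning early so the loop always runs to the end.
    var diff = 0;
    for (var i = 0; i < expected.Length; i++)
    {
        diff |= expected[i] ^ actual[i];
    }
    return diff == 0;
}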