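/// <summary>
/// Checks the submitted credentials and, when they match, issues a token string.
/// </summary>
/// <param name="login">Credentials bound from the request body.</param>
/// <returns>
/// 200 with the value of <c>GerarTokenString()</c> when the credentials match,
/// 401 when they do not (or when no body was bound), and 500 if an exception is thrown.
/// </returns>
public IHttpActionResult Post([FromBody] LoginRequest login)
{
    try
    {
        // An empty or unparsable body can leave the bound model null. Reject it as an
        // authentication failure instead of letting a NullReferenceException become a 500.
        if (login == null)
        {
            return Unauthorized();
        }

        // NOTE(review): generic placeholder credentials are hard-coded in source. If the
        // client has its own login control, valid logins and passwords must be read from
        // the database instead. Until then, anyone with access to the source or the
        // compiled assembly can obtain a token.
        bool loginMatches = string.Equals(login.Login, "login", StringComparison.OrdinalIgnoreCase);

        // The password is compared ordinally and case-sensitively. A case-insensitive,
        // culture-dependent comparison would accept variants such as "s3nh@" and shrink
        // the effective password space.
        bool passwordMatches = string.Equals(login.Password, "S3nh@", StringComparison.Ordinal);

        if (loginMatches && passwordMatches)
        {
            var token = new TokenERP
            {
                UsuarioId = 0,
                Login = login.Login,
                // Expires at 23:59 of the current local day.
                DataExpiracao = DateTime.Today.AddDays(1).AddMinutes(-1)
            };

            return Ok(token.GerarTokenString());
        }

        return Unauthorized();
    }
    catch (Exception ex)
    {
        // NOTE(review): this endpoint is reachable before authentication. Confirm the
        // error-detail policy does not return exception messages or stack traces to
        // remote callers.
        return InternalServerError(ex);
    }
}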
/// <summary>
/// Runs before the action executes: recovers the caller's token from the action context
/// and calls <c>TokenExpirado</c> when no token was recovered or its expiry has passed.
/// </summary>
/// <param name="actionContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    TokenERP recovered = null;

    try
    {
        recovered = actionContext.RecuperarToken();
    }
    catch (SignatureVerificationException)
    {
        // A token whose signature does not verify is handled like an expired one.
        TokenExpirado(actionContext);
    }
    catch (Exception failure)
    {
        // NOTE(review): the exception object is placed in the response body for a caller
        // that has not been authenticated. Whether it reaches the client depends on
        // TokenExpirado below replacing this response; confirm and avoid returning
        // exception details.
        actionContext.Response = actionContext.Request.CreateResponse(
            HttpStatusCode.InternalServerError,
            failure);
    }

    // NOTE(review): both catch paths leave the token null, so TokenExpirado also runs
    // here. That is a second call after a signature failure, and it runs after the 500
    // response was assigned. Presumably TokenExpirado sets actionContext.Response, which
    // is what keeps the action from running; verify, because this filter relies on it to
    // fail closed.
    bool rejected = recovered == null || DateTime.Now > recovered.DataExpiracao;
    if (rejected)
    {
        TokenExpirado(actionContext);
    }

    base.OnActionExecuting(actionContext);
}