protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var authHeader = request.Headers.Authorization; if (authHeader == null) { return(base.SendAsync(request, cancellationToken)); } if (authHeader.Scheme != "Basic") { return(base.SendAsync(request, cancellationToken)); } var encodedUserPass = authHeader.Parameter.Trim(); var userPass = Encoding.ASCII.GetString(Convert.FromBase64String(encodedUserPass)); var parts = userPass.Split(":".ToCharArray()); var username = parts[0]; var password = parts[1]; var identity = new BasicAuthenticationIdentity(username, password); var principal = new GenericPrincipal(identity, null); Thread.CurrentPrincipal = principal; if (HttpContext.Current != null) { HttpContext.Current.User = principal; } return(base.SendAsync(request, cancellationToken)); }
private static bool Authencate(BasicAuthenticationIdentity identify) { var repo = RepositoryManager.GetRepository <ISysOperatorRepository>(); var operatorInfos = repo.Query(new Hashtable { { "LoginName", identify.Name }, { "Status", (int)GeneralStatus.Enabled } }); if (!operatorInfos.Any()) { return(false); } var operatorInfo = operatorInfos.First(); var hashPassword = SysOperatorExtension.ExcryptPassword(identify.Password, operatorInfo.Salt); identify.AuthorizationOperatorInfo = operatorInfo; return(hashPassword == operatorInfo.Password); }