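/// <summary>
/// Validates the login and password carried by <paramref name="identity"/> through the
/// OWIN <c>ApplicationUserManager</c> and builds the principal for the request.
/// </summary>
/// <param name="identity">
/// Identity extracted from the request. Its <c>Login</c> and <c>Password</c> are checked;
/// on success its <c>IdUsuario</c> and <c>Modules</c> are filled in from the stored user.
/// </param>
/// <param name="filterContext">Action context of the request being authorized (not read by this method).</param>
/// <returns>
/// A <see cref="GenericPrincipal"/> wrapping <paramref name="identity"/> when the user is found;
/// otherwise an anonymous principal whose identity reports <c>IsAuthenticated == false</c>.
/// </returns>
private IPrincipal OnAuthorizeUser(MobileIdentity identity, HttpActionContext filterContext)
{
    ApplicationUserManager userManager =
        HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();
    ApplicationUser user = userManager.Find(identity.Login, identity.Password);

    if (user == null)
    {
        // Fail closed. Rejected credentials must not fall back to Thread.CurrentPrincipal:
        // if the host or an earlier component already put an authenticated principal on the
        // thread, returning it would let the IsAuthenticated check in OnAuthorization pass
        // for a wrong login or password. A GenericIdentity with an empty name is unauthenticated.
        return new GenericPrincipal(new GenericIdentity(string.Empty), null);
    }

    identity.IdUsuario = user.Id;

    // Every claim value except those of the PERMISSAO claim type is exposed as a module.
    // The claim-type string is resolved once instead of once per claim.
    var permissionClaimType = Permissions.PERMISSAO.GetString();
    identity.Modules = user.Claims
        .Where(claim => claim.ClaimType != permissionClaimType)
        .Select(claim => claim.ClaimValue)
        .ToList();

    // No roles are attached to the principal; only the identity is carried forward.
    return new GenericPrincipal(identity, null);
}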
/// <summary>
/// Authorizes the incoming request: extracts the caller's identity from the request,
/// resolves it to a principal through <c>OnAuthorizeUser</c>, and rejects the request
/// when either step fails to produce an authenticated identity.
/// </summary>
/// <param name="filterContext">Action context of the request being authorized.</param>
public override void OnAuthorization(HttpActionContext filterContext)
{
    MobileIdentity requestIdentity = isRequestValid(filterContext);
    bool authenticated = false;

    if (requestIdentity != null)
    {
        // The resolved principal is stored on the thread first and then read back for the check.
        // NOTE(review): only Thread.CurrentPrincipal is assigned here; whether the base class or
        // downstream code reads the principal from the thread or from the request context is not
        // visible in this block. Confirm that both see the same principal.
        Thread.CurrentPrincipal = OnAuthorizeUser(requestIdentity, filterContext);
        authenticated = Thread.CurrentPrincipal.Identity.IsAuthenticated;
    }

    if (!authenticated)
    {
        // Either no identity could be extracted from the request or it did not authenticate.
        InvalidateRequest(filterContext);
        return;
    }

    base.OnAuthorization(filterContext);
}