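/// <summary>
/// Checks whether the token carried by the decrypted auth cookie matches the
/// active token stored for the same e-mail address.
/// </summary>
/// <param name="tokenBlob">
/// Decrypted cookie payload. A null payload, or one with a missing e-mail or
/// token, is rejected without querying the repository.
/// </param>
/// <returns>
/// <c>true</c> only when both the presented and the stored token are non-empty
/// and identical; <c>false</c> otherwise.
/// </returns>
private bool IsAuthorized(AuthTokenBlob tokenBlob)
{
    // Fail closed on an absent or incomplete payload. Without this guard a
    // missing presented token compared against a missing stored token would
    // evaluate as equal (null == null) and authorize the request.
    if (tokenBlob == null
        || string.IsNullOrEmpty(tokenBlob.Email)
        || string.IsNullOrEmpty(tokenBlob.Token))
    {
        return false;
    }

    string expected;
    using (IRepository repo = new DbRepository())
    {
        expected = repo.GetActiveToken(tokenBlob.Email);
    }

    // No stored token for this e-mail means nothing can match.
    if (string.IsNullOrEmpty(expected))
    {
        return false;
    }

    // Compare the raw UTF-16 code units so the result is the same ordinal
    // equality as before, but without the early exit of string ==, whose timing
    // depends on how many leading characters match. Fully qualified names are
    // used so no additional using directive is needed in the file.
    var expectedBytes = System.Runtime.InteropServices.MemoryMarshal.AsBytes(
        System.MemoryExtensions.AsSpan(expected));
    var presentedBytes = System.Runtime.InteropServices.MemoryMarshal.AsBytes(
        System.MemoryExtensions.AsSpan(tokenBlob.Token));

    return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
        expectedBytes, presentedBytes);
}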
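/// <summary>
/// Authenticates the request from the encrypted auth-token cookie.
/// </summary>
/// <returns>
/// A completed task holding <c>AuthenticateResult.Success</c> when the cookie
/// decrypts to a payload that <c>IsAuthorized</c> accepts, and
/// <c>AuthenticateResult.NoResult</c> when the cookie is absent, empty,
/// decrypts to nothing, or is not authorized.
/// </returns>
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
    // The cookie indexer yields null when the cookie is not present, which is
    // the normal case for an anonymous request. Stop here instead of handing
    // null to the decryptor and the authorization check.
    string authToken = Request.Cookies[CookieName.AuthToken];
    if (string.IsNullOrEmpty(authToken))
    {
        return Task.FromResult(AuthenticateResult.NoResult());
    }

    // NOTE(review): authToken is client-supplied. How DataEncryption.Decrypt
    // reports a malformed or tampered value is not visible here; confirm it
    // authenticates the ciphertext and decide whether its failure should be
    // caught and turned into a failed result rather than an unhandled exception.
    AuthTokenBlob tokenBlob = DataEncryption.Decrypt<AuthTokenBlob>(authToken);

    // A null payload is rejected here so this method does not depend on
    // IsAuthorized tolerating null.
    if (tokenBlob == null || !IsAuthorized(tokenBlob))
    {
        return Task.FromResult(AuthenticateResult.NoResult());
    }

    // NOTE(review): the identity is created without any claims; downstream code
    // appears to rely on Context.Items["user"] instead. Confirm that is intended.
    var identity = new ClaimsIdentity(nameof(AuthCookieHandler));
    var ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), Scheme.Name);

    // Expose the resolved user to the rest of the request pipeline.
    User user = GetUser(tokenBlob.Email);
    Context.Items.Add("user", user);

    return Task.FromResult(AuthenticateResult.Success(ticket));
}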