예제 #1
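        /// <summary>
        /// Decides whether the request carried by <paramref name="actionContext"/> is authorized.
        /// </summary>
        /// <param name="actionContext">Action context whose request headers carry the token.</param>
        /// <returns>
        /// <c>true</c> only when the token header is present, the user named in the token exists,
        /// that user's permission is in <c>_allowedPermissionTypes</c>, and
        /// <c>TokenManager.IsTokenValid</c> accepts the token; <c>false</c> in every other case,
        /// including any exception raised along the way.
        /// </returns>
        private bool Authorize(HttpActionContext actionContext)
        {
            try
            {
                // Check the TryGetValues result instead of letting First() throw on a null
                // sequence: a missing header is an expected condition, not an exceptional one.
                IEnumerable<String> authenticationHeaders;
                if (!actionContext.Request.Headers.TryGetValues(TokenManager.TOKEN_HEADER_NAME, out authenticationHeaders)
                    || authenticationHeaders == null)
                {
                    return false;
                }

                String token = authenticationHeaders.FirstOrDefault();
                if (String.IsNullOrEmpty(token))
                {
                    return false;
                }

                // Both fields are parsed before the repository is queried, so a token that fails
                // to parse (by throwing) is rejected without a database round trip.
                String userName  = TokenManager.ExtractUserNameFromToken(token);
                String timeStamp = TokenManager.ExtractUserTimesatmpFromToken(token);

                // The user name read here is still unverified; it is only used to look up the
                // record that IsTokenValid is checked against below.
                User wantedUser = RepositoriesFactory.CreateRepository<UsersRepository, User>()
                                  .Query().FirstOrDefault<User>(currUser => currUser.UserName == userName);

                if (wantedUser == null || !_allowedPermissionTypes.Contains(wantedUser.Permission))
                {
                    return false;
                }

                // NOTE(review): the stored password value and the caller's IP are inputs to the
                // validity check, so the token is presumably bound to both — confirm in TokenManager.
                String hashedPassword = wantedUser.Password;
                String clientIp       = TokenManager.GetAccesseingClientIp(actionContext.Request);

                return TokenManager.IsTokenValid(token, userName, hashedPassword, clientIp, timeStamp);
            }
            catch (Exception)
            {
                // Fail closed: any failure while parsing the token or querying the repository
                // denies access.
                // NOTE(review): the exception is discarded without logging, so malformed tokens
                // and backend faults cannot be told apart from ordinary denials afterwards.
                return false;
            }
        }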
예제 #2
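        /// <summary>
        /// Returns the user named in the request's token header, caching the result in
        /// <c>_currUser</c> after the first successful lookup.
        /// </summary>
        /// <returns>
        /// The matching <c>User</c>, or <c>null</c> when the token header is missing or empty
        /// or no user with that name exists.
        /// </returns>
        /// <remarks>
        /// This method does not call <c>TokenManager.IsTokenValid</c>: the user name is taken
        /// from the token as presented. NOTE(review): it presumably relies on the token having
        /// been validated earlier in the request (for example by an authorization filter) —
        /// confirm that every caller sits behind that check, because otherwise a client could
        /// name any user here.
        /// </remarks>
        private User GetCurrentUser()
        {
            if (_currUser == null)
            {
                // Check the TryGetValues result: without it a missing header leaves the sequence
                // null and First() throws ArgumentNullException.
                IEnumerable<String> authenticationHeaders;
                if (!Request.Headers.TryGetValues(TokenManager.TOKEN_HEADER_NAME, out authenticationHeaders)
                    || authenticationHeaders == null)
                {
                    return null;
                }

                String token = authenticationHeaders.FirstOrDefault();
                if (String.IsNullOrEmpty(token))
                {
                    return null;
                }

                String userName = TokenManager.ExtractUserNameFromToken(token);
                _currUser = RepositoriesFactory.CreateRepository<UsersRepository, User>()
                            .Query().FirstOrDefault(currUser => currUser.UserName == userName);
            }

            return _currUser;
        }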