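/// <summary>
/// Login endpoint: looks up a user by name and password and, on a match,
/// returns a signed web token together with the user's id.
/// </summary>
/// <param name="UserName">User name supplied by the caller.</param>
/// <param name="Password">Password supplied by the caller.</param>
/// <returns>
/// 200 OK with a dictionary holding "WebToken" (HS256-signed JWT) and "IdUser".
/// </returns>
/// <exception cref="HttpResponseException">
/// 404 Not Found when the credentials are missing or do not match a user.
/// </exception>
// NOTE(review): as a GET action with simple-type parameters, the credentials
// presumably bind from the query string, where they end up in server, proxy and
// browser logs. Confirm the routing and consider accepting them in a POST body.
public IHttpActionResult Get(string UserName, string Password)
{
    // Reject missing credentials before querying. Without this guard a null or
    // empty Password is compared directly against the stored field, so an account
    // whose Password is unset could match (depending on how the store evaluates
    // the predicate).
    if (string.IsNullOrEmpty(UserName) || string.IsNullOrEmpty(Password))
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    var db = DatabaseHelper.GetDatabase();
    var users = db.GetCollection<UserModel>("users");

    // NOTE(review): the supplied password is compared to the stored value as-is,
    // which implies passwords are stored unhashed. Move to a salted password hash
    // (e.g. PBKDF2) and verify against that instead.
    var match = users.Find(x => x.UserName == UserName && x.Password == Password).FirstOrDefault();

    if (match == null || match.Id == 0)
    {
        throw new HttpResponseException(HttpStatusCode.NotFound);
    }

    // NOTE(review): LoginDate is local time (DateTime.Now); a UTC timestamp is
    // safer if this value is ever used for token lifetime decisions.
    TokenPayloadModel payload = new TokenPayloadModel()
    {
        IdUser = match.Id,
        LoginDate = DateTime.Now
    };

    // NOTE(review): the HMAC signing key is a literal in source. Anyone who can read
    // the code or the binary can mint valid tokens, and the decoded key is only a
    // few bytes, far below the 256-bit minimum RFC 7518 sets for HS256. Load a
    // randomly generated key from protected configuration and rotate it; the
    // verifying side must switch to the same key at the same time.
    byte[] key = Base64Helper.Base64UrlDecode("DropTheMic");

    Dictionary<string, string> token = new Dictionary<string, string>();
    token.Add("WebToken", Jose.JWT.Encode(payload, key, Jose.JwsAlgorithm.HS256));
    token.Add("IdUser", payload.IdUser.ToString());

    return Ok(token);
}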
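/// <summary>
/// Authenticates the request before the action runs. When an Authorization header
/// is present its value is verified as an HS256-signed token and the decoded
/// payload is handed to the controller; when it is absent, only
/// <c>AuthorizationController</c> and POST requests to <c>UsersController</c>
/// are let through.
/// </summary>
/// <param name="actionContext">Context of the action about to execute.</param>
/// <exception cref="HttpResponseException">
/// 401 Unauthorized when the token cannot be verified or parsed, when the target
/// controller is not a <c>BaseController</c>, or when no header is sent to an
/// endpoint that requires one.
/// </exception>
public override void OnActionExecuting(HttpActionContext actionContext)
{
    // Make every decision on a local. The `controller` member lives on the filter
    // object; if the framework reuses one filter instance across requests
    // (NOTE(review): confirm for this registration), concurrent requests could
    // overwrite it mid-check and attach a user to the wrong controller. The member
    // is still assigned so other code that reads it keeps working.
    BaseController requestController = actionContext.ControllerContext.Controller as BaseController;
    controller = requestController;

    var authorization = actionContext.ControllerContext.Request.Headers.Authorization;

    if (authorization != null)
    {
        // A token sent to a controller that cannot carry a user is refused
        // explicitly rather than via a NullReferenceException in the try block.
        if (requestController == null)
        {
            throw new HttpResponseException(HttpStatusCode.Unauthorized);
        }

        try
        {
            // The whole header value is treated as the token (no scheme is stripped).
            string token = authorization.ToString();

            // NOTE(review): the verification key is a literal in source, so anyone
            // with access to the code or binary can forge tokens. Load it from
            // protected configuration, together with the issuing side.
            byte[] key = Base64Helper.Base64UrlDecode("DropTheMic");

            // The expected algorithm is pinned to HS256, so a token declaring a
            // different algorithm in its header is rejected.
            JObject userJSON = JObject.Parse(Jose.JWT.Decode(token, key, Jose.JwsAlgorithm.HS256));

            JavaScriptSerializer serializer = new JavaScriptSerializer();
            TokenPayloadModel user = serializer.Deserialize<TokenPayloadModel>(userJSON.ToString());

            // NOTE(review): nothing here checks an expiry or issue time on the
            // payload, so a token stays usable for as long as the key is unchanged.
            // Confirm whether InstanceUser enforces a lifetime.
            requestController.InstanceUser(user);
        }
        catch (Exception)
        {
            // Any verification or parsing failure is reported uniformly as 401 so
            // the response does not reveal why the token was rejected.
            throw new HttpResponseException(HttpStatusCode.Unauthorized);
        }
    }
    else
    {
        // Anonymous access is limited to the login controller and to POSTs on the
        // users controller.
        bool isAnonymousEndpoint =
            requestController is AuthorizationController
            || (requestController is UsersController && actionContext.Request.Method == System.Net.Http.HttpMethod.Post);

        if (!isAnonymousEndpoint)
        {
            throw new HttpResponseException(HttpStatusCode.Unauthorized);
        }
    }

    base.OnActionExecuting(actionContext);
}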