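/// <summary>
/// Authorizes a Web API action from the request's Authorization header.
/// The header parameter is expected to be Base64("username:token-guid");
/// a missing, malformed or unverified credential short-circuits the request
/// with 401 Unauthorized instead of letting the action run.
/// </summary>
/// <param name="actionContext">Context of the action about to execute; its Response is set on failure.</param>
public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext actionContext)
{
    var authorization = actionContext.Request.Headers.Authorization;
    if (authorization != null)
    {
        ErpUser candidate;
        // NOTE(review): the header scheme (Basic/Bearer/...) is not checked, only the parameter — confirm this is intended.
        if (TryParseCredentials(authorization.Parameter, out candidate) && ErpUserRepo.IsValidToken(candidate))
        {
            return; // credentials verified: let the action run
        }
    }

    // Every failure path yields the same status so the response does not reveal which step rejected the request.
    actionContext.Response = new System.Net.Http.HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized);
}

/// <summary>
/// Decodes a Base64 "username:token" credential into an <see cref="ErpUser"/> without throwing on malformed input.
/// Previously an invalid Base64 string, a null parameter or a non-Guid token raised an exception (a 500 to the caller)
/// instead of being rejected as bad credentials.
/// </summary>
/// <param name="authToken">Raw Authorization header parameter; may be null.</param>
/// <param name="user">The parsed user on success, otherwise null.</param>
/// <returns>true when the parameter decodes into exactly two ':'-separated parts and the second is a valid Guid.</returns>
private static bool TryParseCredentials(string authToken, out ErpUser user)
{
    user = null;
    if (string.IsNullOrEmpty(authToken))
    {
        return false;
    }

    string decoded;
    try
    {
        decoded = Encoding.UTF8.GetString(Convert.FromBase64String(authToken));
    }
    catch (FormatException)
    {
        // Not valid Base64: treat as bad credentials rather than letting the exception surface.
        return false;
    }

    if (string.IsNullOrEmpty(decoded))
    {
        return false;
    }

    // A token containing ':' would split into more than two parts and is rejected, as before.
    string[] parts = decoded.Split(':');
    Guid token;
    if (parts.Length != 2 || !Guid.TryParse(parts[1], out token))
    {
        return false;
    }

    user = new ErpUser { Username = parts[0], Token = token };
    return true;
}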
/// <summary>
/// Creates the controller with its own unit of work and an ERP user repository built on it.
/// </summary>
public UserController()
{
    // The repository is handed this controller's unit of work; presumably so both share one scope — confirm against UnitOfWork.
    this.uow = new UnitOfWork();
    this.erpUserRepo = new ErpUserRepo(this.uow);
}