protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } KorisnikModel user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':'); var username = credentials[0]; var password = credentials[1]; user = _userService.Authenticiraj(username, password); } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (user.OK == false) { return(AuthenticateResult.Fail("Invalid Username or Password")); } var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, user.KorisnickoIme), new Claim(ClaimTypes.Name, user.Ime), }; if (user.Uloga == 0) { claims.Add(new Claim(ClaimTypes.Role, "Izdavac")); } else if (user.Uloga == 1) { claims.Add(new Claim(ClaimTypes.Role, "Administrator")); } else if (user.Uloga == 2) { claims.Add(new Claim(ClaimTypes.Role, "Klijent")); } var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }