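/// <summary>
/// Attaches an "APIKey" principal to the current thread when the credentials cached in the
/// <c>id</c>/<c>key</c> fields match a stored user, forwards the request to the inner handler,
/// and then caches any credentials returned in the response headers.
/// </summary>
/// <param name="request">The incoming HTTP request; forwarded unchanged.</param>
/// <param name="cancellationToken">Cancellation token passed through to the inner handler.</param>
/// <returns>The response produced by the inner handler.</returns>
/// <remarks>
/// NOTE(review): the credentials checked here come from fields populated by an earlier
/// response, not from the request being processed. If this handler instance serves more than
/// one caller, every later request is handled under the identity of whoever last received the
/// authentication headers. Confirm how the handler is registered; validating the headers of
/// each incoming request (as ValidateByApiKey does) avoids that shared state.
/// NOTE(review): only Thread.CurrentPrincipal is assigned, and it is not reset when the check
/// fails. Verify that the hosting pipeline resets it per request and that authorization code
/// reads the principal from this location.
/// </remarks>
protected async override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(
    HttpRequestMessage request,
    System.Threading.CancellationToken cancellationToken)
{
    if (id != null)
    {
        using (WebAPIPhase_2Context db = new WebAPIPhase_2Context())
        {
            var user = db.Users.Find(id);

            // Find returns null for an unknown id; the original dereferenced it unconditionally.
            // A null cached key must never match an account that has no key assigned.
            if (user != null && key != null && user.ApiKey == key)
            {
                IList<Claim> claim = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, user.Email),
                };
                var identity = new ClaimsIdentity(claim, "APIKey");
                var principal = new ClaimsPrincipal(identity);
                Thread.CurrentPrincipal = principal;
            }
        }
    }

    var response = await base.SendAsync(request, cancellationToken);

    // Both headers must be present. The original tested the id header twice, so a response
    // carrying only the id header made the key lookup throw.
    IEnumerable<string> idValues;
    IEnumerable<string> keyValues;
    if (response.Headers.TryGetValues("xcmps383authenticationid", out idValues)
        && response.Headers.TryGetValues("xcmps383authenticationkey", out keyValues))
    {
        int parsedId;
        var returnedKey = keyValues.FirstOrDefault();

        // Update the cached pair only as a whole, and only when the id is a well-formed
        // integer, so a malformed header neither throws nor leaves id and key out of step.
        if (returnedKey != null && int.TryParse(idValues.FirstOrDefault(), out parsedId))
        {
            id = parsedId;
            key = returnedKey;
        }
    }

    return response;
}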
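/// <summary>
/// Checks the API-key credentials carried in the request headers against the user store.
/// </summary>
/// <param name="request">Request whose "xcmps383authenticationid" and
/// "xcmps383authenticationkey" headers are inspected.</param>
/// <returns>
/// <c>true</c> when both headers are present, the id is a valid integer naming an existing
/// user, and the supplied key equals that user's stored key; otherwise <c>false</c>.
/// </returns>
private bool ValidateByApiKey(HttpRequestMessage request)
{
    var headers = request.Headers;

    // TryGetValues matches header names case-insensitively, like Contains. The original
    // paired Contains with a case-sensitive key comparison, so a differently cased header
    // name passed the presence check and then threw in First().
    IEnumerable<string> keyValues;
    IEnumerable<string> idValues;
    if (!headers.TryGetValues("xcmps383authenticationkey", out keyValues)
        || !headers.TryGetValues("xcmps383authenticationid", out idValues))
    {
        return false;
    }

    // Header values are caller-controlled: a malformed id or an empty key is a failed
    // validation, not an unhandled exception.
    var apiKey = keyValues.FirstOrDefault();
    int userID;
    if (string.IsNullOrEmpty(apiKey) || !int.TryParse(idValues.FirstOrDefault(), out userID))
    {
        return false;
    }

    // Dispose the context deterministically; the original never released it.
    using (WebAPIPhase_2Context db = new WebAPIPhase_2Context())
    {
        var user = db.Users.FirstOrDefault(m => m.UserId == userID);
        return user != null && ApiKeysMatch(user.ApiKey, apiKey);
    }
}

/// <summary>
/// Ordinal comparison of a stored key with a supplied key that examines every character
/// instead of stopping at the first mismatch, so timing does not reveal how much of the
/// supplied key was correct. Null or empty values never match.
/// </summary>
private static bool ApiKeysMatch(string expected, string supplied)
{
    if (string.IsNullOrEmpty(expected) || string.IsNullOrEmpty(supplied))
    {
        return false;
    }

    // A length mismatch is folded into the accumulator rather than returned early.
    int difference = expected.Length ^ supplied.Length;
    int comparable = Math.Min(expected.Length, supplied.Length);
    for (int i = 0; i < comparable; i++)
    {
        difference |= expected[i] ^ supplied[i];
    }

    return difference == 0;
}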