public static bool Authenticate(WebApiApplication app)
{
HttpContext context = app.Context;
string authHeader = context.Request.Headers["Authorization"];
IPrincipal user;
if (TryGetPrincipal(authHeader, out user))
{
HttpContext.Current.User = user;
return(true);
}
return(false);
}
private void app_AuthenticateRequest(object sender, EventArgs args)
{
WebApiApplication app = (WebApiApplication)sender;
if (app.Request.HttpMethod != "OPTIONS")
{
if (!app.Request.Headers.AllKeys.Contains("Authorization"))
{
CreateNotAuthorizedResponse(app, 401, 1,
"Please provide Authorization headers with your request.");
}
else if (!BasicAuthProvider.Authenticate(app))
{
CreateNotAuthorizedResponse(app, 401, 3, "Logon failed.");
}
}
}