/// <summary> /// Determines if we should authenticate the request /// </summary> /// <param name="request"></param> /// <param name="originalRequestUrl"></param> /// <returns></returns> /// <remarks> /// We auth the request when: /// * it is a back office request /// * it is an installer request /// * it is a /base request /// * it is a preview request /// </remarks> internal static bool ShouldAuthenticateRequest(HttpRequestBase request, Uri originalRequestUrl) { if (//check back office request.Url.IsBackOfficeRequest() //check installer || request.Url.IsInstallerRequest() //detect in preview || (request.HasPreviewCookie() && request.Url != null && request.Url.AbsolutePath.StartsWith(IOHelper.ResolveUrl(SystemDirectories.Umbraco)) == false) //check for base || BaseRest.BaseRestHandler.IsBaseRestRequest(originalRequestUrl)) { return true; } return false; }