public override void OnActionExecuting(ActionExecutingContext context)
        {
            // check if session cookie exists and is valid
            ISessionParser sessionParser = new AuthHeaderReader();
            Guid           sessionID;

            sessionID = sessionParser.GetSessionID(context.HttpContext);

            if (sessionID == Guid.Empty)
            {
                context.Result = new BadRequestResult();
                return;
            }

            // check if session exists
            Resource  res = new Resource();
            IDbClient db  = new DbClient(res.GetString("db_base_path"));

            if (db.Contains <Session, Guid>(res.GetString("db_sessions_path"), "_id", sessionID))
            {
                Session session = db.FindByField <Session, Guid>(res.GetString("db_sessions_path"),
                                                                 "_id", sessionID)[0];

                User user = db.FindByField <User, Guid>(res.GetString("db_users_path"),
                                                        "_id", session.UserId)[0];

                context.HttpContext.Items.Add("currentUser", user);
                return;
            }

            context.Result = new UnauthorizedResult();
        }
        public void Test_BadInput()
        {
            ISessionParser sessionParser = new AuthHeaderReader();

            Assert.Throws <ArgumentNullException>(() =>
                                                  sessionParser.GetSessionID(null)
                                                  );
        }
        public void Test_InvalidId()
        {
            ISessionParser sessionParser = new AuthHeaderReader();

            var mockHttp = new MockHttpHeaders()
                           .MockGetHeader(HEADER_KEY, true, "asf");

            Guid sessionID = sessionParser.GetSessionID(mockHttp.Object);

            Assert.Equal(sessionID, Guid.Empty);
        }
        public void Test_GoodInput()
        {
            Guid           id            = Guid.NewGuid();
            ISessionParser sessionParser = new AuthHeaderReader();

            var mockHttp = new MockHttpHeaders()
                           .MockGetHeader(HEADER_KEY, true, id.ToString());

            Guid sessionID = sessionParser.GetSessionID(mockHttp.Object);

            Assert.Equal(sessionID, id);
        }