Exemplo n.º 1
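        /// <summary>
        /// Rejects the request with 403 Forbidden unless the "token" request header carries
        /// a token accepted by both <c>VerifyAdminToken</c> and <c>VerifyToken</c>.
        /// </summary>
        /// <param name="context">
        /// Action context whose request headers are inspected. Its <c>Response</c> is set
        /// when the check fails, which short-circuits the action.
        /// </param>
        /// <remarks>
        /// NOTE(review): if the enclosing attribute is an action filter, Web API runs it after
        /// authorization filters and parameter binding. An authorization filter would reject
        /// unauthenticated requests before any request body is bound - confirm which is intended.
        /// </remarks>
        public override void OnActionExecuting(HttpActionContext context)
        {
            var authModel = new AuthModel();
            var headers   = context.Request.Headers;

            // HTTP header names are case-insensitive. Contains/GetValues honour that, whereas
            // comparing the enumerated key with == would reject "Token" or "TOKEN".
            var token = headers.Contains("token") ? headers.GetValues("token").FirstOrDefault() : null;

            var valid = false;

            // Fail closed: a missing or blank token is never handed to the verifiers.
            if (!string.IsNullOrWhiteSpace(token))
            {
                // The token belongs to an admin.
                var isAdmin = authModel.VerifyAdminToken(token);

                // The token is valid (presumably an expiry check, judging by the name - confirm).
                var okDate = authModel.VerifyToken(token);

                // Admin status alone is not enough; the token must also still be valid.
                valid = isAdmin && okDate;
            }

            if (!valid)
            {
                // Same body for "no token" and "bad token" so the response does not reveal which check failed.
                var json = new JSendMessage("fail", "Invalid Authorization Key");
                context.Response = context.Request.CreateResponse(HttpStatusCode.Forbidden, json);
            }
        }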
Exemplo n.º 2
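        /// <summary>
        /// Allows the action only when the "token" request header carries a token that passes
        /// <c>VerifyToken</c> and that either belongs to an admin or belongs to the user who
        /// created the form named in the request URI. Otherwise answers 403 Forbidden.
        /// </summary>
        /// <param name="context">
        /// Action context supplying the request headers and URI. Its <c>Response</c> is set
        /// when the check fails, which short-circuits the action.
        /// </param>
        /// <remarks>
        /// The form id is read from the fourth URI segment (<c>Segments[3]</c>).
        /// NOTE(review): that position depends on the route template, which is not visible
        /// here - confirm it matches the route, or read the id from the route data instead.
        /// </remarks>
        public override void OnActionExecuting(HttpActionContext context)
        {
            var authModel = new AuthModel();
            var formModel = new FormModel();
            var headers   = context.Request.Headers;

            // HTTP header names are case-insensitive. Contains/GetValues honour that, whereas
            // comparing the enumerated key with == would reject "Token" or "TOKEN".
            var token = headers.Contains("token") ? headers.GetValues("token").FirstOrDefault() : null;

            var authorized = false;

            // Fail closed: a missing or blank token is never handed to the verifiers.
            if (!string.IsNullOrWhiteSpace(token))
            {
                // The token belongs to an admin.
                var isAdmin = authModel.VerifyAdminToken(token);

                // The token is valid (presumably an expiry check, judging by the name - confirm).
                var okDate = authModel.VerifyToken(token);

                // The token and the form belong to the same user.
                var formIsFromUser = false;
                var segments       = context.Request.RequestUri.Segments;
                int formId;

                // The URI is attacker-controlled: a short path or a non-numeric segment must
                // deny the ownership path, not raise an unhandled exception (HTTP 500).
                // Uri.Segments keeps a trailing '/', so trim it before parsing.
                if (segments.Length > 3 && Int32.TryParse(segments[3].TrimEnd('/'), out formId))
                {
                    formIsFromUser = formModel.FormIdCreatedbyUserId(formId, token);
                }

                // Both paths require a valid token. Ownership alone must not authorize, because
                // whether FormIdCreatedbyUserId checks token validity is not visible here.
                authorized = okDate && (isAdmin || formIsFromUser);
            }

            if (!authorized)
            {
                // Invalid token, or the caller is neither an admin nor the owner of the form.
                var json = new JSendMessage("fail", "Invalid Authorization Key");
                context.Response = context.Request.CreateResponse(HttpStatusCode.Forbidden, json);
            }
        }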
Exemplo n.º 3
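        /// <summary>
        /// Reports the role for the "token" request header: "admin" when
        /// <c>VerifyAdminToken</c> accepts the token, "user" in every other case,
        /// including a missing or blank header.
        /// </summary>
        /// <returns>A <c>RoleMessage</c> naming the role.</returns>
        /// <remarks>
        /// NOTE(review): only <c>VerifyAdminToken</c> is consulted here, not <c>VerifyToken</c>.
        /// A "user" answer therefore does not show that the caller holds a valid token.
        /// Treat the result as display information and enforce access in the filters
        /// that guard each action.
        /// </remarks>
        public MyMessage Get()
        {
            AuthModel authModel = new AuthModel();

            // HTTP header names are case-insensitive, so match the key without regard to case.
            var header = Request.Headers.FirstOrDefault(
                x => string.Equals(x.Key, "token", System.StringComparison.OrdinalIgnoreCase));

            // When the header is absent the lookup yields a default pair whose Value is null;
            // dereferencing it would throw NullReferenceException and surface as HTTP 500.
            var token = header.Value == null ? null : header.Value.FirstOrDefault();

            // A missing or blank token is never an admin and is not passed to the verifier.
            bool isAdmin = !string.IsNullOrWhiteSpace(token) && authModel.VerifyAdminToken(token);

            return new RoleMessage(isAdmin ? "admin" : "user");
        }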