public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            base.OnAuthorization(actionContext);
            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
            }
            else
            {
                string   encodedString = actionContext.Request.Headers.Authorization.Parameter;
                string   decodedString = Encoding.UTF8.GetString(Convert.FromBase64String(encodedString));
                string[] arr           = decodedString.Split(new char[] { ':' });
                string   username      = arr[0];
                string   password      = arr[1];

                HROfficerRepository urepo = new HROfficerRepository();

                if (username == urepo.Get(username).HR_name&& password == urepo.Get(username).HR_password)
                {
                    Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(username), null);
                }
                else
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                }
            }
        }
        public ActionResult ConfirmChangePassword(string oldpass, string Pass, string cpass)
        {
            HROfficerRepository orepo = new HROfficerRepository();
            LoginRepository     lrepo = new LoginRepository();

            HROfficer of = orepo.Get(Convert.ToInt32(Session["Id"]));

            Logininfo log = lrepo.Get(Session["Name"].ToString());

            if (Session["Password"].ToString() == oldpass)
            {
                if (Pass != cpass)
                {
                    ViewData["Message"] = "Password Didn't match";
                }
                else
                {
                    of.HR_password     = Pass;
                    log.Login_Password = Pass;

                    orepo.Update(of);
                    lrepo.Update(log);

                    ViewData["Message"] = "Password Updated Successfully";
                    Session["Officer"]  = of;
                    Session["Password"] = Pass;
                }
            }
            else
            {
                ViewData["Message"] = "Wrong Password";
            }

            return(View("Empty"));
        }