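/// <summary>
/// Wraps <paramref name="data"/> in a <see cref="CommonResponseWrapper"/>, enforces the
/// action's user requirement and attaches the caller's quota figures.
/// </summary>
/// <typeparam name="T">Payload type; its name is reported in the wrapper's Type field.</typeparam>
/// <param name="data">Payload to serialize into the response.</param>
/// <param name="requiredUser">
/// User the API token must be bound to, or "*" when any caller may read the payload.
/// </param>
/// <returns>An <see cref="APIResponse"/> in the format named by the "format" request parameter.</returns>
/// <remarks>
/// Relies on OnActionExecuting having stored "api_token", "api_token_user" and
/// "token_has_user" in HttpContext.Items. When the user check fails the wrapper is
/// returned with Status = AccessDenied and empty Type/Data, and the payload is never
/// serialized.
/// </remarks>
public ActionResult API<T>(T data, string requiredUser)
{
    string format = Request.Params["format"];
    string token = HttpContext.Items["api_token"] as string;
    string tokenUser = HttpContext.Items["api_token_user"] as string;

    // "token_has_user" is stored as a boxed bool by OnActionExecuting. Reading it with
    // `as string` + TryParse always yielded false, so the user-token quota was never
    // reported; the string form is still accepted for any other writer of this key.
    bool hasUser;
    bool? hasUserFlag = HttpContext.Items["token_has_user"] as bool?;
    if (hasUserFlag.HasValue)
    {
        hasUser = hasUserFlag.Value;
    }
    else
    {
        bool.TryParse(HttpContext.Items["token_has_user"] as string, out hasUser);
    }

    CommonResponseWrapper wrapper = new CommonResponseWrapper();

    // Decide authorisation before serializing so a denied caller never triggers work on
    // data it cannot see. Fail closed: a non-wildcard requirement is only satisfied by a
    // token carrying a non-empty user that matches exactly (a null requiredUser no longer
    // matches an anonymous token).
    bool authorized = requiredUser == "*"
        || (!string.IsNullOrEmpty(tokenUser)
            && string.Equals(requiredUser, tokenUser, StringComparison.Ordinal));
    if (authorized)
    {
        wrapper.Status = CommonResponseWrapper.StatusEnum.Success;
        wrapper.Type = typeof(T).Name;
        wrapper.Data = Serializer.SerializeToFormat<T>(data, format);
    }
    else
    {
        wrapper.Status = CommonResponseWrapper.StatusEnum.AccessDenied;
        wrapper.Type = "";
        wrapper.Data = "";
    }

    // Quota figures are reported on every response, including denied ones.
    Quota.QuotaService quotaSvc = new Quota.QuotaService();
    if (string.IsNullOrWhiteSpace(token))
    {
        // Anonymous caller; presumably tracked per source address (MaxIPQuota) — verify in QuotaService.
        wrapper.QuotaRemaining = quotaSvc.QuotaRemaining();
        wrapper.TotalQuota = quotaSvc.MaxIPQuota;
    }
    else
    {
        wrapper.QuotaRemaining = quotaSvc.QuotaRemaining(token, hasUser);
        wrapper.TotalQuota = hasUser ? quotaSvc.MaxUserTokenQuota : quotaSvc.MaxTokenQuota;
    }

    return new APIResponse(wrapper, format);
}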
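/// <summary>
/// Authenticates the request's API token and applies the request quota before the action
/// runs. On failure the action is short-circuited with an error response.
/// </summary>
/// <param name="filterContext">MVC context for the action about to execute.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
/// <remarks>
/// On success the following are stored in HttpContext.Items for the action to read:
/// "api_token" (the raw token, possibly empty), "is_authed", "token_has_user" (a boxed bool)
/// and, only when the token is bound to a user, "api_token_user".
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // NOTE(review): Request.Params merges query string, form, cookies and server variables,
    // so the token may arrive in the URL (and therefore in access logs); consider accepting
    // it from a header or form field only.
    string apiToken = filterContext.HttpContext.Request.Params["api_token"];
    bool hasToken = !string.IsNullOrWhiteSpace(apiToken);

    string user = "";
    bool hasUser = false;
    bool isAuthed = false;

    if (hasToken)
    {
        Authentication.AuthenticationService authSvc = new Authentication.AuthenticationService();
        if (!authSvc.ValidateToken(apiToken, out user))
        {
            // NOTE(review): this returns before any quota check, so invalid-token requests
            // are not counted against the anonymous quota.
            filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.InvalidAccessToken);
            return;
        }

        isAuthed = true;
        if (!string.IsNullOrWhiteSpace(user))
        {
            hasUser = true;
            filterContext.HttpContext.Items["api_token_user"] = user;
        }
    }

    // Without a token the request is anonymous; actions that require authentication reject
    // it here. This single check replaces the former duplicate up-front test.
    if (RequireAuth && !isAuthed)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.AccessTokenRequired);
        return;
    }

    Quota.QuotaService quotaSvc = new Quota.QuotaService();
    bool throttled = isAuthed
        ? quotaSvc.ExceedingQuota(apiToken, hasUser)
        : quotaSvc.ExceedingQuota();
    if (throttled)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.ThrottleExceeded);
        return;
    }

    filterContext.HttpContext.Items["token_has_user"] = hasUser;
    filterContext.HttpContext.Items["api_token"] = apiToken;
    filterContext.HttpContext.Items["is_authed"] = isAuthed;
}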
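/// <summary>
/// Authenticates the request's API token and applies the request quota before the action
/// runs. On failure the action is short-circuited with an error response.
/// </summary>
/// <param name="filterContext">MVC context for the action about to execute.</param>
/// <exception cref="ArgumentNullException"><paramref name="filterContext"/> is null.</exception>
/// <remarks>
/// On success the following are stored in HttpContext.Items for the action to read:
/// "api_token" (the raw token, possibly empty), "is_authed", "token_has_user" (a boxed bool)
/// and, only when the token is bound to a user, "api_token_user".
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    if (filterContext == null)
    {
        throw new ArgumentNullException("filterContext");
    }

    // NOTE(review): Request.Params merges query string, form, cookies and server variables,
    // so the token may arrive in the URL (and therefore in access logs); consider accepting
    // it from a header or form field only.
    string apiToken = filterContext.HttpContext.Request.Params["api_token"];
    bool hasToken = !string.IsNullOrWhiteSpace(apiToken);

    string user = "";
    bool hasUser = false;
    bool isAuthed = false;

    if (hasToken)
    {
        Authentication.AuthenticationService authSvc = new Authentication.AuthenticationService();
        if (!authSvc.ValidateToken(apiToken, out user))
        {
            // NOTE(review): this returns before any quota check, so invalid-token requests
            // are not counted against the anonymous quota.
            filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.InvalidAccessToken);
            return;
        }

        isAuthed = true;
        if (!string.IsNullOrWhiteSpace(user))
        {
            hasUser = true;
            filterContext.HttpContext.Items["api_token_user"] = user;
        }
    }

    // Without a token the request is anonymous; actions that require authentication reject
    // it here. This single check replaces the former duplicate up-front test.
    if (RequireAuth && !isAuthed)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.AccessTokenRequired);
        return;
    }

    Quota.QuotaService quotaSvc = new Quota.QuotaService();
    bool throttled = isAuthed
        ? quotaSvc.ExceedingQuota(apiToken, hasUser)
        : quotaSvc.ExceedingQuota();
    if (throttled)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.ThrottleExceeded);
        return;
    }

    filterContext.HttpContext.Items["token_has_user"] = hasUser;
    filterContext.HttpContext.Items["api_token"] = apiToken;
    filterContext.HttpContext.Items["is_authed"] = isAuthed;
}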