public override void OnAuthorization(HttpActionContext filterContext)
        {
            //allow anonymous
            if (SkipAuthorization(filterContext))
            {
                return;
            }

            if (filterContext == null)
            {
                throw new ArgumentNullException("filterContext");
            }

            var authHeader = filterContext.Request.Headers.Authorization;

            if (authHeader != null)
            {
                if (authHeader.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrWhiteSpace(authHeader.Parameter))
                {
                    try
                    {
                        var credentials = GetCredentials(authHeader);

                        IAccountService accountService = new AccountService();

                        if (credentials.Length == 2 && accountService.Authenticate(credentials[0], credentials[1]))
                            return;
                    }
                    catch (Exception)
                    {
                        HandleUnauthorizedRequest(filterContext);
                    }
                }
            }

            HandleUnauthorizedRequest(filterContext);
        }
Пример #2
0
        public HttpResponseMessage register()
        {
            var authHeader = Request.Headers.Authorization;

            if (authHeader != null)
            {
                if (authHeader.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrWhiteSpace(authHeader.Parameter))
                {

                    var credentials = GetCredentials(authHeader);

                    IAccountService accountService = new AccountService();

                    if (credentials.Length != 2)
                    {
                        return Request.CreateResponse(HttpStatusCode.OK, "no");
                    }
                    else if (accountService.DoesUserExist(credentials[0]))
                    {
                        return Request.CreateResponse(HttpStatusCode.OK, "exist");
                    }
                    else if (accountService.AddUser(credentials[0], credentials[1]) > -1)
                    {
                        return Request.CreateResponse(HttpStatusCode.OK, "done");
                    }
                }
            }
            return Request.CreateResponse(HttpStatusCode.OK, "no");
        }