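/// <summary>
/// Authenticates the request from an HTTP Basic credential header before the action runs.
/// </summary>
/// <remarks>
/// The header named by <c>authHeaderKey</c> is read, split into scheme and token, decoded with
/// <c>Base64Decode</c> and split into user name and password at the first ':'.
/// On a match <c>AuthUtil.CreatePrincipal</c> is called and the base implementation runs;
/// every other path ends in <c>HandleUnauthorized</c>.
/// Basic credentials are only base64-encoded, so this filter is only safe over TLS.
/// </remarks>
/// <param name="filterContext">Context of the action about to execute; supplies the request headers.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // When aExecuting is false nothing runs at all: no credential check and no base call.
    if (!aExecuting)
    {
        return;
    }

    var authHeader = filterContext.HttpContext.Request.Headers[authHeaderKey];
    if (authHeader == null)
    {
        HandleUnauthorized(filterContext);
        return;
    }

    // The header is attacker-controlled: check its shape before indexing into it so that a
    // malformed value yields the unauthorized response instead of an unhandled exception.
    var basicTokens = authHeader.Split(new[] { ' ' }, System.StringSplitOptions.RemoveEmptyEntries);
    if (basicTokens.Length < 2
        || !"Basic".Equals(basicTokens[0], System.StringComparison.OrdinalIgnoreCase)) // scheme names are case-insensitive
    {
        HandleUnauthorized(filterContext);
        return;
    }

    string decodedAuthToken;
    try
    {
        decodedAuthToken = Base64Decode(basicTokens[1]);
    }
    catch (System.FormatException)
    {
        // Presumably what Base64Decode raises on invalid base64 - confirm against the helper.
        HandleUnauthorized(filterContext);
        return;
    }

    // Split at the FIRST colon only: the user name cannot contain ':', the password can.
    var separatorIndex = decodedAuthToken == null ? -1 : decodedAuthToken.IndexOf(':');
    if (separatorIndex < 0)
    {
        HandleUnauthorized(filterContext);
        return;
    }

    var username = decodedAuthToken.Substring(0, separatorIndex);
    var password = decodedAuthToken.Substring(separatorIndex + 1);

    Employee emp = EmployeeDAO.GetUserPassword(username);

    // NOTE(review): the submitted password is compared to emp.Password as a plain string. That
    // suggests the DAO returns an unhashed password, and the comparison is not constant-time.
    // Prefer a salted password hash (e.g. PBKDF2) verified with a fixed-time comparison.
    if (emp != null && password.Equals(emp.Password))
    {
        AuthUtil.CreatePrincipal(emp);
        base.OnActionExecuting(filterContext);
        return;
    }

    HandleUnauthorized(filterContext);
}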
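/// <summary>
/// Checks the supplied credentials against the record returned by
/// <c>EmployeeDAO.GetUserPassword</c> and reports the outcome as a dictionary.
/// </summary>
/// <param name="emp">Credentials submitted by the caller; only <c>UserName</c> and <c>Password</c> are read.</param>
/// <returns>
/// A dictionary with <c>"login"</c> (bool) and <c>"msg"</c> (string). On success it also holds
/// <c>"emp"</c> (the stored employee record), and <c>AuthUtil.CreatePrincipal</c> has been called.
/// </returns>
public Dictionary<string, object> Login(Employee emp)
{
    Dictionary<string, object> resDict = new Dictionary<string, object>();

    // A missing request body or omitted field must fail the login, not throw a
    // NullReferenceException from emp.UserName / emp.Password.
    Employee stored = emp == null ? null : EmployeeDAO.GetUserPassword(emp.UserName);

    // NOTE(review): the two failure messages below differ, which lets a caller tell whether a
    // user name exists (account enumeration). Consider one generic message for both cases
    // once clients no longer depend on the text.
    if (stored == null || string.IsNullOrEmpty(stored.UserName))
    {
        resDict.Add("login", false);
        resDict.Add("msg", "Username not found");
        return resDict;
    }

    // A null submitted password never matches, even if the stored value is also null.
    // NOTE(review): plain string comparison against stored.Password - this suggests passwords
    // are kept unhashed. Prefer a salted hash (e.g. PBKDF2) with a fixed-time comparison.
    if (emp.Password == null || !emp.Password.Equals(stored.Password))
    {
        resDict.Add("login", false);
        resDict.Add("msg", "Incorrect password");
        return resDict;
    }

    resDict.Add("login", true);
    resDict.Add("msg", "Login success");
    // NOTE(review): the stored record, including its Password property, is returned to the
    // caller. If this dictionary is serialized into the response, the password goes with it -
    // confirm, and return a DTO without the credential instead.
    resDict.Add("emp", stored);
    AuthUtil.CreatePrincipal(stored);
    return resDict;
}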