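/// <summary>
/// Logs a user in: searches the "users" collection for a record whose UserName and
/// Password equal the supplied values and, on a match, returns an HS256-signed JWT
/// together with the user id.
/// </summary>
/// <param name="UserName">Login name to look up.</param>
/// <param name="Password">Password, compared verbatim against the stored Password field.</param>
/// <returns>200 OK with a dictionary holding "WebToken" and "IdUser".</returns>
/// <exception cref="HttpResponseException">
/// 404 Not Found when the credentials are missing or no user matches. Unknown user and
/// wrong password are deliberately not distinguished.
/// </exception>
/// <remarks>
/// SECURITY(review): items this method cannot fix on its own without breaking callers:
///  - Credentials are plain string parameters on an action named Get, which Web API
///    binds from the request URI by default, so they can end up in access logs, proxy
///    logs and browser history. Prefer a POST body over TLS.
///  - The lookup compares the stored Password field with the submitted string, so the
///    store holds whatever clients send (plaintext unless they pre-hash). Store a salted
///    password hash (e.g. PBKDF2) and verify against that instead.
///  - The signing key is a literal in source. It must move to protected configuration
///    in lock-step with every place that verifies tokens.
///  - The payload carries only IdUser and LoginDate; no expiry is issued here.
/// </remarks>
public IHttpActionResult Get(string UserName, string Password)
        {
            // Refuse missing credentials before touching the database. Without this guard a
            // request with an empty value (presumably bound as null by Web API - confirm) is
            // compared against the stored fields and could match a record whose UserName or
            // Password was never set.
            if (string.IsNullOrEmpty(UserName) || string.IsNullOrEmpty(Password))
            {
                throw new HttpResponseException(HttpStatusCode.NotFound);
            }

            var db = DatabaseHelper.GetDatabase();
            var users = db.GetCollection<UserModel>("users");
            var match = users.Find(x => x.UserName == UserName && x.Password == Password).FirstOrDefault();

            // Id == 0 is treated the same as "no record", as in the original check.
            if (match == null || match.Id == 0)
            {
                throw new HttpResponseException(HttpStatusCode.NotFound);
            }

            TokenPayloadModel payload = new TokenPayloadModel()
            {
                IdUser = match.Id,
                // NOTE(review): local server time; DateTime.UtcNow would be unambiguous, but
                // changing it here would alter what token consumers receive.
                LoginDate = DateTime.Now
            };

            // SECURITY(review): hard-coded HMAC secret. Ten base64url characters carry at most
            // 60 bits, far below the 256-bit minimum RFC 7518 sets for HS256 (assuming
            // Base64Helper is a standard base64url decoder - confirm). Anyone who reads this
            // source can sign tokens for any IdUser.
            byte[] key = Base64Helper.Base64UrlDecode("DropTheMic");

            var token = new Dictionary<string, string>
            {
                { "WebToken", Jose.JWT.Encode(payload, key, Jose.JwsAlgorithm.HS256) },
                { "IdUser", payload.IdUser.ToString() }
            };
            return Ok(token);
        }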
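        /// <summary>
        /// Authentication filter step: when an Authorization header is present, verifies it
        /// as an HS256 JWT and hands the decoded payload to the target controller; when it is
        /// absent, lets the request through only for AuthorizationController, or for
        /// UsersController on HTTP POST.
        /// </summary>
        /// <param name="actionContext">Context of the action about to execute.</param>
        /// <exception cref="HttpResponseException">
        /// 401 Unauthorized when the token cannot be verified or parsed, or when no header is
        /// sent for a controller/method outside the anonymous allow-list.
        /// </exception>
        /// <remarks>
        /// SECURITY(review):
        ///  - The verification key is a literal in source; see the note at the key below.
        ///  - Nothing here checks the payload's age, so a token stays valid until the key
        ///    changes. Enforce a maximum lifetime once a policy is agreed.
        ///  - The whole header value is treated as the token, so a "Bearer &lt;token&gt;"
        ///    header fails verification; clients must send the bare token.
        /// </remarks>
        public override void OnActionExecuting(HttpActionContext actionContext)
        {
            // Work on a local reference. Web API can reuse one filter instance for concurrent
            // requests, so reading the shared 'controller' member back later in this method
            // could attach one caller's identity to another caller's controller. The member
            // is still assigned because code outside this method may read it.
            var current = actionContext.ControllerContext.Controller as BaseController;
            controller = current;

            var authorization = actionContext.ControllerContext.Request.Headers.Authorization;

            if (authorization != null)
            {
                try
                {
                    string token = authorization.ToString();

                    // SECURITY(review): hard-coded HMAC secret shared with the token issuer;
                    // move both sides to protected configuration together.
                    byte[] key = Base64Helper.Base64UrlDecode("DropTheMic");

                    // Passing the expected algorithm pins verification to HS256 rather than
                    // trusting the "alg" value in the token header.
                    JObject userJSON = JObject.Parse(Jose.JWT.Decode(token, key, Jose.JwsAlgorithm.HS256));

                    JavaScriptSerializer serializer = new JavaScriptSerializer();
                    TokenPayloadModel user = serializer.Deserialize<TokenPayloadModel>(userJSON.ToString());

                    // If the target is not a BaseController, 'current' is null and this throws;
                    // the catch below turns that into 401, so the filter fails closed.
                    current.InstanceUser(user);
                }
                catch (Exception)
                {
                    // Deliberately broad: any verification or parsing failure is reported as
                    // 401 without revealing the reason to the caller.
                    throw new HttpResponseException(HttpStatusCode.Unauthorized);
                }
            }
            else
            {
                // Anonymous allow-list: the login controller, and POST on the users controller.
                bool anonymousAllowed =
                    (current is AuthorizationController) ||
                    (current is UsersController && actionContext.Request.Method == System.Net.Http.HttpMethod.Post);

                if (!anonymousAllowed)
                {
                    throw new HttpResponseException(HttpStatusCode.Unauthorized);
                }
            }

            base.OnActionExecuting(actionContext);
        }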