public void OnAuthorization(AuthorizationFilterContext context) { try { string IP = context.HttpContext.Connection.RemoteIpAddress.ToString(); if (!context.HttpContext.Request.Headers.ContainsKey("csrf")) { context.Result = new UnauthorizedResult(); return; } Guid token = new Guid(context.HttpContext.Request.Headers["csrf"]); if (!_userRepo.TokenIsValid(token)) { context.Result = new UnauthorizedResult(); } } catch (System.Exception ex) { context.Result = new UnauthorizedResult(); } }