public override bool IsAllowed(HttpListenerContext context)
{
var route = RestServer.GetRouteFromRequest(context.Request);
if (RestServer.MatchingRoute(route, "system/authorise"))
{
return(true);
}
var headerContent = context.Request.Headers.Get(SecretHeader);
if (headerContent == null || !GeneratedSecrets.Contains(headerContent))
{
context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
context.Response.StatusDescription = "Unauthorised";
context.Response.Close();
return(false);
}
return(true);
}