/// <summary>
/// Runs before the action executes: authenticates the optional <c>api_token</c> request value,
/// applies the quota check, and publishes the outcome in <c>HttpContext.Items</c>.
/// </summary>
/// <param name="filterContext">
/// Context of the action about to run. Setting its <c>Result</c> short-circuits the request
/// with an error response.
/// </param>
/// <remarks>
/// Outcomes, in order:
/// a missing token with <c>RequireAuth</c> set yields <c>AccessTokenRequired</c>;
/// a supplied token that fails validation yields <c>InvalidAccessToken</c> (even when
/// <c>RequireAuth</c> is not set); an exceeded quota yields <c>ThrottleExceeded</c>.
/// On success the items <c>token_has_user</c>, <c>api_token</c> and <c>is_authed</c> are set,
/// plus <c>api_token_user</c> when validation returned a non-blank user.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    // In System.Web, Request.Params is the combined query-string / form / cookie /
    // server-variable collection, so the token is accepted from any of those sources.
    // NOTE(review): query-string tokens tend to end up in access logs and Referer headers,
    // and a cookie-borne token is attached by the browser automatically. Consider reading
    // the token from a dedicated request header; confirm with API consumers first.
    string apiToken = filterContext.HttpContext.Request.Params["api_token"];
    bool tokenSupplied = !string.IsNullOrWhiteSpace(apiToken);

    // No token at all on an endpoint that demands one.
    if (RequireAuth && !tokenSupplied)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.AccessTokenRequired);
        return;
    }

    var authSvc = new Authentication.AuthenticationService();
    string user = "";
    bool isAuthed = false;
    bool hasUser = false;

    if (tokenSupplied)
    {
        // A supplied token must validate, whether or not the endpoint requires auth.
        // NOTE(review): this rejection happens before the quota check below, so failed
        // validation attempts are not throttled by this filter. Confirm that ValidateToken
        // (or something upstream) limits repeated guesses.
        if (!authSvc.ValidateToken(apiToken, out user))
        {
            filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.InvalidAccessToken);
            return;
        }

        isAuthed = true;

        // A valid token may or may not be tied to a user.
        if (!string.IsNullOrWhiteSpace(user))
        {
            hasUser = true;
            filterContext.HttpContext.Items["api_token_user"] = user;
        }
    }

    // Fail-closed backstop: the two checks above already cover every path on which
    // RequireAuth is set and the caller is unauthenticated. Kept so a later edit to the
    // validation block cannot silently let an unauthenticated request through.
    if (RequireAuth && !isAuthed)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.AccessTokenRequired);
        return;
    }

    // Throttle: authenticated callers are checked with their token and the has-user flag,
    // everyone else through the parameterless overload.
    // NOTE(review): the original comment said "try using the user id", but the token string
    // is what is passed here. Confirm which key QuotaService actually counts against.
    var quotaSvc = new Quota.QuotaService();
    bool overQuota = isAuthed
        ? quotaSvc.ExceedingQuota(apiToken, hasUser)
        : quotaSvc.ExceedingQuota();

    if (overQuota)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.ThrottleExceeded);
        return;
    }

    // Publish the result for downstream code. The raw token is stored as well, so
    // anything that dumps HttpContext.Items to logs would expose it.
    filterContext.HttpContext.Items["token_has_user"] = hasUser;
    filterContext.HttpContext.Items["api_token"] = apiToken;
    filterContext.HttpContext.Items["is_authed"] = isAuthed;
}
/// <summary>
/// Pre-action gate for API requests: validates the <c>api_token</c> request value when one
/// is present, enforces <c>RequireAuth</c>, runs the quota check, and records the
/// authentication state in <c>HttpContext.Items</c>.
/// </summary>
/// <param name="filterContext">
/// The executing-action context. Its <c>Result</c> is assigned an error response to stop
/// the request when a check fails.
/// </param>
/// <remarks>
/// Error statuses produced here: <c>AccessTokenRequired</c> (no token but auth required),
/// <c>InvalidAccessToken</c> (token present but rejected by the authentication service),
/// <c>ThrottleExceeded</c> (quota service reports the quota as exceeded).
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var http = filterContext.HttpContext;

    // System.Web's Request.Params merges query string, form, cookies and server variables;
    // the token is therefore honoured from any of them.
    // NOTE(review): a token carried in the URL is commonly written to server and proxy logs,
    // and one carried in a cookie is an ambient credential. Prefer a header if clients allow.
    string apiToken = http.Request.Params["api_token"];
    bool missingToken = string.IsNullOrWhiteSpace(apiToken);

    if (missingToken && RequireAuth)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.AccessTokenRequired);
        return;
    }

    var tokenValidator = new Authentication.AuthenticationService();
    string user = "";
    bool hasUser = false;
    bool isAuthed = false;

    if (!missingToken)
    {
        bool tokenIsValid = tokenValidator.ValidateToken(apiToken, out user);
        if (!tokenIsValid)
        {
            // A bad token is rejected outright, even on endpoints where auth is optional.
            // NOTE(review): no throttle has been consulted at this point, so repeated
            // invalid tokens are not rate limited by this filter. Verify that is handled elsewhere.
            filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.InvalidAccessToken);
            return;
        }

        isAuthed = true;
        hasUser = !string.IsNullOrWhiteSpace(user);
        if (hasUser)
        {
            // Only recorded when validation returned a non-blank user.
            http.Items["api_token_user"] = user;
        }
    }

    // Defensive re-check. With the logic above it cannot fire, but it keeps the filter
    // fail-closed if the validation block is ever changed.
    if (RequireAuth && !isAuthed)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.AccessTokenRequired);
        return;
    }

    // Quota check: per-token overload for authenticated callers, parameterless overload otherwise.
    // NOTE(review): how the parameterless overload identifies an anonymous caller is not
    // visible here. Confirm it cannot be sidestepped by varying client-controlled values.
    var quotaSvc = new Quota.QuotaService();
    bool throttled;
    if (isAuthed)
    {
        throttled = quotaSvc.ExceedingQuota(apiToken, hasUser);
    }
    else
    {
        throttled = quotaSvc.ExceedingQuota();
    }

    if (throttled)
    {
        filterContext.Result = ErrorResponse(CommonResponseWrapper.StatusEnum.ThrottleExceeded);
        return;
    }

    // Hand the outcome to the action and later filters. The raw token is kept in Items,
    // so treat that collection as sensitive when logging or serialising it.
    http.Items["token_has_user"] = hasUser;
    http.Items["api_token"] = apiToken;
    http.Items["is_authed"] = isAuthed;
}