protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
var authHeader = request.Headers.Authorization;
if (authHeader == null)
{
return(base.SendAsync(request, cancellationToken));
}
if (authHeader.Scheme != "Basic")
{
return(base.SendAsync(request, cancellationToken));
}
var encodedUserPass = authHeader.Parameter.Trim();
var userPass = Encoding.ASCII.GetString(Convert.FromBase64String(encodedUserPass));
var parts = userPass.Split(":".ToCharArray());
var username = parts[0];
var password = parts[1];
var identity = new BasicAuthenticationIdentity(username, password);
var principal = new GenericPrincipal(identity, null);
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = principal;
}
return(base.SendAsync(request, cancellationToken));
}
private static bool Authencate(BasicAuthenticationIdentity identify)
{
var repo = RepositoryManager.GetRepository <ISysOperatorRepository>();
var operatorInfos = repo.Query(new Hashtable {
{ "LoginName", identify.Name }, { "Status", (int)GeneralStatus.Enabled }
});
if (!operatorInfos.Any())
{
return(false);
}
var operatorInfo = operatorInfos.First();
var hashPassword = SysOperatorExtension.ExcryptPassword(identify.Password, operatorInfo.Salt);
identify.AuthorizationOperatorInfo = operatorInfo;
return(hashPassword == operatorInfo.Password);
}