using Code.Utils;
using System;
using System.Web;
using System.Threading;
using System.Threading.Tasks;
using System.Web.Http.Controllers;
using System.Linq;
using System.Security.Principal;
using System.Web.Http;
namespace Code.Security
{
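/// <summary>
/// Web API authorization filter that admits a request only when it carries a
/// security token header accepted by <c>RESTSecurityManager.IsTokenValid</c>.
/// </summary>
/// <remarks>
/// <see cref="OnAuthorization"/> is overridden without calling the base
/// implementation, so this class does not itself consult <c>[AllowAnonymous]</c>
/// or the inherited <c>Users</c>/<c>Roles</c> settings; the token check is the
/// only gate applied here.
/// </remarks>
public class RESTAuthorizeAttribute : AuthorizeAttribute
{
    /// <summary>
    /// Runs the token check and hands the request to
    /// <see cref="HandleUnauthorizedRequest"/> when the check fails.
    /// </summary>
    /// <param name="actionContext">Context of the action being authorized.</param>
    public override void OnAuthorization(HttpActionContext actionContext)
    {
        if (Authorize(actionContext))
        {
            return;
        }

        HandleUnauthorizedRequest(actionContext);
    }

    /// <summary>
    /// Delegates to the base class to produce the unauthorized response.
    /// </summary>
    /// <param name="ctx">Context of the rejected action.</param>
    protected override void HandleUnauthorizedRequest(HttpActionContext ctx)
    {
        base.HandleUnauthorizedRequest(ctx);
    }

    /// <summary>
    /// Decides whether the current request carries a valid security token.
    /// </summary>
    /// <param name="actionContext">
    /// Not read by this method: the token is taken from
    /// <c>HttpContext.Current</c> through <see cref="Token"/>.
    /// </param>
    /// <returns>
    /// The result of <c>RESTSecurityManager.IsTokenValid</c> when a non-empty
    /// token is present; <c>false</c> when the token is missing or empty, or
    /// when any exception is thrown during the check (fail closed).
    /// </returns>
    private bool Authorize(HttpActionContext actionContext)
    {
        try
        {
            string token = Token();
            if (string.IsNullOrEmpty(token))
            {
                Settings.Logger.Log(NLog.LogLevel.Debug, "Token not found in header for request!");
                return false;
            }

            // The token is a bearer credential: record only that one was
            // supplied, never its value, so that log readers and log shipping
            // pipelines cannot replay it.
            Settings.Logger.Log(NLog.LogLevel.Debug, "Token found in request header");
            return RESTSecurityManager.IsTokenValid(token);
        }
        catch (Exception ex)
        {
            // Fail closed, but log above Debug so that a broken validator is
            // visible in production instead of looking like ordinary denials.
            // NOTE(review): confirm IsTokenValid never echoes the token in its
            // exception messages, since ex.Message is logged here.
            Settings.Logger.Log(NLog.LogLevel.Warn, "Exception!" + ex.Message);
            return false;
        }
    }

    /// <summary>
    /// Reads the security token from the current request's headers.
    /// </summary>
    /// <returns>
    /// The first value of the header named by <c>Settings._securityToken</c>,
    /// or <c>null</c> when the header is absent or there is no current
    /// <see cref="HttpContext"/>. The value is a secret; callers should not
    /// log or echo it.
    /// </returns>
    public static string Token()
    {
        // HttpContext.Current is null outside a System.Web request (for
        // example on a background thread); report "no token" rather than
        // throwing a NullReferenceException at the caller.
        HttpContext context = HttpContext.Current;
        if (context == null)
        {
            return null;
        }

        var headers = context.Request.Headers;
        if (headers[Settings._securityToken] == null)
        {
            return null;
        }

        return headers.GetValues(Settings._securityToken).First();
    }
}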
}