Dear all,
When I call 'api/values', it only allows me login as 'full' user details, but if a login as 'trial' user login details, it throws a 401 error. I would like to ask, if I am missing something in the queries in the user class below or the basicAuthn class:
Please advise
many thanks
When I call 'api/values', it only allows me login as 'full' user details, but if a login as 'trial' user login details, it throws a 401 error. I would like to ask, if I am missing something in the queries in the user class below or the basicAuthn class:
protectedoverride Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
AuthenticationHeaderValue authValue = request.Headers.Authorization;
if (authValue == null || authValue.Scheme != BasicAuthResponseHeaderValue)
{
return Unauthorized(request);
}
string[] credentials = Encoding.ASCII.GetString(Convert.FromBase64String(authValue.Parameter)).Split(new[] { ':' });
if (credentials.Length != 2 || string.IsNullOrEmpty(credentials[0]) || string.IsNullOrEmpty(credentials[1]))
{
//return Unauthorized(request);
var resp = new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent(string.Format("access denied")),
};
}
ClaimRole user = repository.trial(credentials[0], credentials[1]);
ClaimRole user2 = repository.unlim(credentials[0], credentials[1]);
if (user == null || user2 == null)
{
var resp = new HttpResponseMessage(HttpStatusCode.NotFound)
{
Content = new StringContent(string.Format("access denied")),
};
}
else
{
IPrincipal principal = new GenericPrincipal(new GenericIdentity(user.Username, BasicAuthResponseHeaderValue), newstring[] { user.role });
Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;
}
returnbase.SendAsync(request, cancellationToken);
}
User Classpublic ClaimRole trial(string username, string password)
{
var query = (from s in db.subs
join u in db.user on s.sUID equals u.uID
where s.sExpiryDate >= DateTime.Now &&
u.uUsername == username &&
u.uPassword == password
select u).FirstOrDefault();
if (query != null)
{
// Build a user and add the appropriate Trial role
returnnew ClaimRole { Username = query.uUsername, Password = query.uPassword, role = "Trial" };
}
else
{
// No user was found
returnnull;
}
}
public ClaimRole full(string username, string password)
{
var query = (from s in db.subs
join u in db.user on s.sUID equals u.uID
where s.sPID.Value == 163&&
u.uUsername == username &&
u.uPassword == password
select u).FirstOrDefault();
if (query != null)
{
// Build a user and add the appropriate Trial role
returnnew ClaimRole { Username = query.uUsername, Password = query.uPassword, role = "full" };
}
else
{
// No user was found
returnnull;
}
} Please advise
many thanks
