BasicAuthentication-Login mit SQL-Table "thblAuthentication" eingebungen

2023-03-14 10:11:54 +01:00
parent 8be482935a
commit f018fc99d5
1 changed files with 23 additions and 1 deletions
--- a/VERAG_REST_SERVER/App_Start/BasicAuthenticationAttribute.vb
+++ b/VERAG_REST_SERVER/App_Start/BasicAuthenticationAttribute.vb
@@ -7,6 +7,11 @@ Imports System.Web.Http.Description
 Imports System.Web.Http.Filters
 Imports Microsoft.AspNetCore.Authorization
 Imports Swashbuckle.Swagger
+Imports VERAG_PROG_ALLGEMEIN
+Imports VERAG_PROG_ALLGEMEIN.TESTJSON
+
+
+

 Public Class BasicAuthenticationAttribute
    Inherits AuthorizationFilterAttribute
@@ -20,7 +25,10 @@ Public Class BasicAuthenticationAttribute
            Dim usernamePasswordArray = decodedAuthenticationToken.Split(":"c)
            Dim userName = usernamePasswordArray(0)
            Dim password = usernamePasswordArray(1)
-            Dim isValid = userName = "test" AndAlso password = "password"
+
+
+
+            Dim isValid = getCredentials(userName, password)

            If isValid Then
                Dim principal = New GenericPrincipal(New GenericIdentity(userName), Nothing)
@@ -37,6 +45,20 @@ Public Class BasicAuthenticationAttribute
        actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized)
        actionContext.Response.Headers.Add("WWW-Authenticate", "Basic Scheme='Data' location = 'http://localhost:")
    End Sub
+
+    Private Shared Function getCredentials(user As String, password As String) As Boolean
+
+        Dim SQL As New VERAG_PROG_ALLGEMEIN.SQL
+        Dim authenticated As Boolean = False
+
+        Dim Response = SQL.DLookup("username", "tblAuthentication", "username='" & user & "' and password='" & password & "'", "FMZOLL", "")
+        If Response <> "" Then
+            authenticated = True
+        End If
+
+        Return authenticated
+
+    End Function
 End Class