edv/REST_SERVER
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ede199ab943b7a2eadc72c89fe2a42b3fc4aac6a
REST_SERVER/VERAG_REST_SERVER/App_Start/BasicAuthenticationAttribute.vb
d.breimaier 8ab7ab8c38 REST
2024-11-05 08:28:42 +01:00

67 lines
2.2 KiB
VB.net
Raw Blame History

Imports System.Net
Imports System.Net.Http
Imports System.Security.Principal
Imports System.Threading
Imports System.Web.Http.Controllers
Imports System.Web.Http.Filters
Imports VERAG_PROG_ALLGEMEIN
Public Class BasicAuthenticationAttribute
Inherits AuthorizationFilterAttribute
Public Overrides Sub OnAuthorization(ByVal actionContext As HttpActionContext)
Dim authHeader = actionContext.Request.Headers.Authorization
If authHeader IsNot Nothing Then
Dim authenticationToken = actionContext.Request.Headers.Authorization.Parameter
Dim decodedAuthenticationToken = Encoding.UTF8.GetString(Convert.FromBase64String(authenticationToken))
Dim usernamePasswordArray = decodedAuthenticationToken.Split(":"c)
Dim userName = usernamePasswordArray(0)
Dim password = usernamePasswordArray(1)
'Dim hashedPW = BCrypt.Net.BCrypt.HashPassword(password)
Dim isValid = getCredentials(userName, password)
If isValid Then
Dim principal = New GenericPrincipal(New GenericIdentity(userName), Nothing)
Thread.CurrentPrincipal = principal
'actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.OK, "User " & userName & " successfully authenticated")
Return
End If
End If
HandleUnathorized(actionContext)
End Sub
Private Shared Sub HandleUnathorized(ByVal actionContext As HttpActionContext)
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized)
actionContext.Response.Headers.Add("WWW-Authenticate", "Basic Scheme='Data' location = 'http://localhost:")
End Sub
Private Shared Function getCredentials(user As String, password As String) As Boolean
Dim SQL As New VERAG_PROG_ALLGEMEIN.SQL
Dim authenticated As Boolean = False
Dim hashedPassword = SQL.DLookup("hashedPassword", "tblRESTAuthentication", "username='" & user & "' AND type = 'REST'", "ADMIN", "")
If hashedPassword <> "" Then
authenticated = BCrypt.Net.BCrypt.Verify(password, hashedPassword)
End If
Return authenticated
End Function
End Class
Reference in New Issue View Git Blame Copy Permalink