kreta/KretaWeb/Security/ApiFeatureAuthorizeAttribute.cs
2024-03-13 00:33:46 +01:00


using System;
using System.Net;
using System.Net.Http;
using System.Web;
using System.Web.Http;
using System.Web.Http.Controllers;
namespace Kreta.Web.Security
{
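/// <summary>
/// Web API authorization filter that lets a request through only when
/// <c>AuthorizeHelper.CheckFeatureAccess</c> accepts the feature names given to the attribute.
/// </summary>
/// <remarks>
/// Points a reviewer applying this attribute should keep in mind:
/// <list type="bullet">
/// <item><description>
/// <see cref="IsAuthorized"/> does not call the base implementation, so the inherited
/// <c>Users</c> and <c>Roles</c> properties are not evaluated; setting them on this attribute
/// has no effect and the decision rests entirely on <c>CheckFeatureAccess</c>.
/// </description></item>
/// <item><description>
/// <see cref="OnAuthorization"/> replaces the base method and does not perform the base class's
/// <c>[AllowAnonymous]</c> skip, so the feature check also runs on actions marked anonymous.
/// </description></item>
/// <item><description>
/// NOTE(review): how <c>CheckFeatureAccess</c> treats a null or empty feature list is not visible
/// here. Confirm that <c>[ApiFeatureAuthorize]</c> with no arguments denies rather than allows.
/// </description></item>
/// </list>
/// </remarks>
[AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
public class ApiFeatureAuthorizeAttribute : AuthorizeAttribute
{
    // Feature names passed to AuthorizeHelper.CheckFeatureAccess on every request.
    private readonly string[] featureNames;

    /// <summary>
    /// Creates the filter for the given feature names.
    /// </summary>
    /// <param name="features">Feature names handed unchanged to <c>AuthorizeHelper.CheckFeatureAccess</c>.</param>
    public ApiFeatureAuthorizeAttribute(params string[] features)
    {
        // Stored as-is: substituting an empty array for null could turn a failing
        // check into a passing one, depending on how the helper treats an empty list.
        featureNames = features;
    }

    /// <summary>
    /// Runs the feature check and, when it fails, replaces the response with the denial response.
    /// </summary>
    /// <param name="actionContext">Context of the action being authorized.</param>
    /// <exception cref="ArgumentNullException"><paramref name="actionContext"/> is null.</exception>
    public override void OnAuthorization(HttpActionContext actionContext)
    {
        // Fail early, as the base class does, instead of hitting a
        // NullReferenceException later while building the denial response.
        if (actionContext == null)
        {
            throw new ArgumentNullException("actionContext");
        }

        if (IsAuthorized(actionContext))
        {
            return;
        }

        HandleUnauthorizedRequest(actionContext);
    }

    /// <summary>
    /// Returns the result of <c>AuthorizeHelper.CheckFeatureAccess</c> for the configured features.
    /// </summary>
    /// <param name="actionContext">Not used by this check.</param>
    /// <returns>True when the helper grants access; otherwise false.</returns>
    protected override bool IsAuthorized(HttpActionContext actionContext)
    {
        // The base principal/Users/Roles evaluation is intentionally not invoked here.
        // NOTE(review): confirm CheckFeatureAccess itself rejects unauthenticated callers.
        return AuthorizeHelper.CheckFeatureAccess(featureNames);
    }

    /// <summary>
    /// Answers a denied request with 403 Forbidden and an
    /// <c>AuthenticationStatus: NotAuthorized</c> response header.
    /// </summary>
    /// <param name="actionContext">Context whose response is replaced.</param>
    protected override void HandleUnauthorizedRequest(HttpActionContext actionContext)
    {
        HttpResponseMessage denied = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden);

        // HttpContext.Current is null when no ASP.NET request context flows to this
        // thread (for example outside web hosting). Dereferencing it unconditionally
        // would turn the intended 403 into an unhandled NullReferenceException.
        HttpContext current = HttpContext.Current;
        if (current != null)
        {
            current.Response.AddHeader("AuthenticationStatus", "NotAuthorized");
        }
        else
        {
            // Without an ambient context, carry the header on the response message instead.
            denied.Headers.Add("AuthenticationStatus", "NotAuthorized");
        }

        actionContext.Response = denied;
    }
}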
}