I am currently doing some authorization in a web api. I have created a custom AuthorizeAttribute as follows :-
public class CustomAuthorization : AuthorizeAttribute
{
public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
{
HandleUnauthorizedRequest(actionContext);
}
protected override void HandleUnauthorizedRequest(System.Web.Http.Controllers.HttpActionContext actionContext)
{
}
}
Now in the HandleUnauthorizedRequest i am validation my token. The token contains a user object. What i want is to return the decryted user object to the web api controller as below: -
[HttpPost()]
[HttpOptions]
[CustomAuthorization]
public PolicyListReturnType GetPolicyList(PolicyListTypeDto listTypeDto)
{
//Get user object here;
}
Is this a good method or is there another way of doing this.
Aucun commentaire:
Enregistrer un commentaire