I'm trying to move an mvc app to .net core 2 and one of the last things I need to migrate is basic authorization which affects two controller methods. Everything I can find shows a user logging in and that's not what we're doing in this case. These methods just take a json post so I just need to make sure the basic authorization header is there with a value matching our system.
In my mvc app I have this class.
public class APIAuthenticationFilter : AuthorizeAttribute
{
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
return httpContext.Request.Headers["Authorization"] != null && httpContext.Request.Headers["Authorization"].Equals("Basic " + ApiCredentials.EncodedHeader);
}
}
And the controller method like
[APIAuthenticationFilter]
public ActionResult DoSomething(){...}