Implement Basic Authentication in Web API (C#)

First, create an empty Web API project. Then follow the steps below:

In this example the user's credentials are validated first; if the user exists, the employee details that are displayed are selected based on the username.

1. Create a User model class and Employee model.

User Model Class
Employee Model Class
public class User
{
    /// <summary>Numeric identifier of the account.</summary>
    public int ID { get; set; }

    /// <summary>Login name presented by the client.</summary>
    public string UserName { get; set; }

    /// <summary>
    /// Password for the account, held here as a plain string.
    /// NOTE(review): acceptable for a walkthrough only; a real model should carry a
    /// salted password hash instead of the password itself.
    /// </summary>
    public string Password { get; set; }
}
  
 public class Employee
    {
        public int ID { get; set; }
        public string Name { get; set; }
        public string Gender { get; set; }
        public string Dept { get; set; }
        public int Salary { get; set; }
    }

 

2. Creating a class that returns the list of employees and users.

User List
Employee List
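public class UsersBL
{
    /// <summary>
    /// Returns the hard-coded demo accounts used by this walkthrough.
    /// </summary>
    /// <returns>A new list holding two <see cref="User"/> entries.</returns>
    public List<User> GetUsers()
    {
        // The generic argument was missing from the listing (a bare "List" does not
        // compile); it is restored here as List<User>.
        //
        // Demonstration data only: these are literal, plaintext passwords in source.
        // A real credential store should keep salted password hashes (for example
        // PBKDF2) outside the code base.
        return new List<User>
        {
            new User { ID = 101, UserName = "MaleUser", Password = "123456" },
            // NOTE(review): same ID as the entry above - confirm whether a distinct ID was intended.
            new User { ID = 101, UserName = "FemaleUser", Password = "abcdef" },
        };
    }
}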
  
 public class EmployeeBL
    {
        public List GetEmployees()
        {
            List empList = new List();
            for (int i = 0; i < 10; i++)
            {
                if (i > 5)
                {
                    empList.Add(new Employee()
                    {
                        ID = i,
                        Name = "Name" + i,
                        Dept = "IT",
                        Salary = 1000 + i,
                        Gender = "Male"
                    });
                }
                else
                {
                    empList.Add(new Employee()
                    {
                        ID = i,
                        Name = "Name" + i,
                        Dept = "HR",
                        Salary = 1000 + i,
                        Gender = "Female"
                    });
                }
            }
            return empList;
        }
 
3. Creating UserValidate class to validate the user

       public class UserValidate
        {
            //This method is used to check the user credentials
            public static bool Login(string username, string password)
            {
                UsersBL userBL = new UsersBL();
                var UserLists = userBL.GetUsers();
                return UserLists.Any(user =>
                    user.UserName.Equals(username, StringComparison.OrdinalIgnoreCase)
                    && user.Password == password);
            }
        }

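4. Create a BasicAuthenticationAttribute class to implement basic authentication. The OnAuthorization override shown below belongs inside that class, which must be a Web API authorization filter (for example, a class deriving from AuthorizationFilterAttribute). Basic authentication sends the username and password only Base64-encoded, not encrypted, so the API should be served over HTTPS.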

      public override void OnAuthorization(HttpActionContext actionContext)
        {
            //If the Authorization header is empty or null
            //then return Unauthorized
            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request
                    .CreateResponse(HttpStatusCode.Unauthorized);

                // If the request was unauthorized, add the WWW-Authenticate header
                // to the response which indicates that it require basic authentication
                if (actionContext.Response.StatusCode == HttpStatusCode.Unauthorized)
                {
                    //Code
                }
            }
            else
            {
                //Get the authentication token from the request header
                string authenticationToken = actionContext.Request.Headers
                    .Authorization.Parameter;

                //Decode the string
                string decodedAuthenticationToken = Encoding.UTF8.GetString(
                    Convert.FromBase64String(authenticationToken));

                //Convert the string into an string array
                string[] usernamePasswordArray = decodedAuthenticationToken.Split(':');

                //First element of the array is the username
                string username = usernamePasswordArray[0];

                //Second element of the array is the password
                string password = usernamePasswordArray[1];

                //call the login method to check the username and password
                if (UserValidate.Login(username, password))
                {
                    var identity = new GenericIdentity(username);

                    IPrincipal principal = new GenericPrincipal(identity, null);
                    Thread.CurrentPrincipal = principal;

                    if (HttpContext.Current != null)
                    {
                        HttpContext.Current.User = principal;
                    }
                }
                else
                {
                    actionContext.Response = actionContext.Request
                        .CreateResponse(HttpStatusCode.Unauthorized);
                }
            }
        }

5. Add the following line to the WebApiConfig.cs file. It registers the filter globally, so it applies to every controller.

            config.Filters.Add(new BasicAuthenticationAttribute());

6. Finally, create a controller and add the [BasicAuthentication] filter to each controller or action that requires authentication.

    [BasicAuthentication]
    public class DefaultController : ApiController
    {
 
        public HttpResponseMessage GetEmployees()
        {
            string username = Thread.CurrentPrincipal.Identity.Name;
            var EmpList = new EmployeeBL().GetEmployees();
            switch (username.ToLower())
            {
                case "maleuser":
                    return Request.CreateResponse(HttpStatusCode.OK,
                        EmpList.Where(e => e.Gender.ToLower() == "male").ToList());
                case "femaleuser":
                    return Request.CreateResponse(HttpStatusCode.OK,
                        EmpList.Where(e => e.Gender.ToLower() == "female").ToList());
                default:
                    return Request.CreateResponse(HttpStatusCode.BadRequest);
            }
        }

    }
