public Task AuthenticateAsync()

in backend/MXApi/Filters/BasicAuthorizeFilter.cs [32:63]

• 27 lines of code
• 4 McCabe index (conditional complexity)

    public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
    {
      HttpRequestMessage request = context.Request;
      AuthenticationHeaderValue authorization = request.Headers.Authorization;

      if (authorization != null && authorization.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase))
      {
        Tuple<string, string> userNameAndPasword = ExtractUserNameAndPassword(authorization.Parameter);
        string username = userNameAndPasword.Item1;
        string password = userNameAndPasword.Item2;

        // Check if login is correct
        if (IsAuthorized(username, password))
        {
          context.Principal = GetPrincipal(username, password);
          HttpContext.Current.Response.Headers.Add("Access-Control-Expose-Headers", Constants.DeviceIdHeader);
          HttpContext.Current.Response.Headers.Add(Constants.DeviceIdHeader, username);
          return Task.FromResult(0);
        }
      }

#if DEBUG
      HttpContext.Current.Response.Headers.Add("Access-Control-Expose-Headers", Constants.DeviceIdHeader);
      HttpContext.Current.Response.Headers.Add(Constants.DeviceIdHeader, Constants.DefaultDeviceId);
#else
      context.ErrorResult = new UnauthorizedResult(
        new AuthenticationHeaderValue[] { new AuthenticationHeaderValue("Basic", "realm=Web") },
        context.Request);
#endif

      return Task.FromResult(0);
    }