using Microsoft.AspNetCore.Authentication; using Microsoft.Extensions.Options; using System.Net.Http.Headers; using System.Security.Claims; using System.Text; using System.Text.Encodings.Web; namespace administration.Services { public class BasicAuthenticationHandler : AuthenticationHandler { public BasicAuthenticationHandler( IOptionsMonitor options, ILoggerFactory logger, UrlEncoder encoder, ISystemClock clock ) : base(options, logger, encoder, clock) { } protected override Task HandleAuthenticateAsync() { if (!Request.Headers.ContainsKey("Authorization")) return Task.FromResult(AuthenticateResult.Fail("Missing Authorization Header")); try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter ?? ""); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(':'); var username = credentials[0]; var password = credentials[1]; // 🔐 Valide ici tes identifiants if (username != "admin" || password != "Mf33ksTRLrPKSqQ4cTXitgiSN6BPBt89") return Task.FromResult(AuthenticateResult.Fail("Invalid Username or Password")); var claims = new[] { new Claim(ClaimTypes.NameIdentifier, username), new Claim(ClaimTypes.Name, username), }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return Task.FromResult(AuthenticateResult.Success(ticket)); } catch { return Task.FromResult(AuthenticateResult.Fail("Invalid Authorization Header")); } } } }