Edit this page

Implement Simple Authentication

In order to authenticate the user that uploads files on the server-side of your application, you have to validate the user on the client and pass a parameter with his status to the server. To learn more about passing parameters to the Upload Handler read here.

On the server you have to read the parameter and take the respective actions, depending on its value. There are several things that you have to do in order to achieve a reliable authentication on the server. First you have to override the SaveChunkData() method of the RadUploadHandler class.

Example 1: Overriding the SaveChunkData method

public override bool SaveChunkData( string filePath, long position, byte[] buffer, int contentLength, out int savedBytes )
{
    return base.SaveChunkData( filePath, position, buffer, contentLength, out savedBytes );
}
Public Overrides Function SaveChunkData(filePath As String, position As Long, buffer As Byte(), contentLength As Integer, savedBytes As Integer) As Boolean
 Return MyBase.SaveChunkData(filePath, position, buffer, contentLength, savedBytes)
End Function

Then you have to check if the parameter sent by the client indicates whether the user is valid or not. If the user is valid you have to call the base method.

To learn how to work with parameters read here.

Example 2: Authenticate the user

public override bool SaveChunkData( string filePath, long position, byte[] buffer, int contentLength, out int savedBytes )
{
    string authorized = this.GetQueryParameter("Authorized");
    bool isAuthorized = !string.IsNullOrEmpty( authorized ) && authorized.ToLower() == "true";
    if ( !isAuthorized )
    {
    }
    return base.SaveChunkData( filePath, position, buffer, contentLength, out savedBytes );
}
Public Overrides Function SaveChunkData(filePath As String, position As Long, buffer As Byte(), contentLength As Integer, savedBytes As Integer) As Boolean
 Dim authorized As String = Me.GetQueryParameter("Authorized")
 Dim isAuthorized As Boolean = Not String.IsNullOrEmpty(authorized) AndAlso authorized.ToLower() = "true"
 If Not isAuthorized Then
 End If
 Return MyBase.SaveChunkData(filePath, position, buffer, contentLength, savedBytes)
End Function

If the user is not valid, you have to skip the execution of the base method and return the following set of parameters to the client.

Example 3: Skipping the chunk saving if the user is not valid

public override bool SaveChunkData( string filePath, long position, byte[] buffer, int contentLength, out int savedBytes )
{
    string authorized = this.GetQueryParameter( "Authorized" );
    bool isAuthorized = !string.IsNullOrEmpty( authorized ) && authorized.ToLower() == "true";
    if ( !isAuthorized )
    {
        this.AddReturnParam( RadUploadConstants.ParamNameMessage, "Security token is required. Please login." );
        string fileName = this.GetQueryParameter( RadUploadConstants.ParamNameFileName );
        this.AddReturnFileParam( RadUploadConstants.ParamNameSuccess, false );
        this.AddReturnFileParam( RadUploadConstants.ParamNameFileName, fileName );
        this.AddReturnFileParam( RadUploadConstants.ParamNameFinalFileRequest, true );
        savedBytes = 0;
        return false;
    }
    return base.SaveChunkData( filePath, position, buffer, contentLength, out savedBytes );
}
Public Overrides Function SaveChunkData(filePath As String, position As Long, buffer As Byte(), contentLength As Integer, savedBytes As Integer) As Boolean
 Dim authorized As String = Me.GetQueryParameter("Authorized")
 Dim isAuthorized As Boolean = Not String.IsNullOrEmpty(authorized) AndAlso authorized.ToLower() = "true"
 If Not isAuthorized Then
  Me.AddReturnParam(RadUploadConstants.ParamNameMessage, "Security token is required. Please login.")
  Dim fileName As String = Me.GetQueryParameter(RadUploadConstants.ParamNameFileName)
  Me.AddReturnFileParam(RadUploadConstants.ParamNameSuccess, False)
  Me.AddReturnFileParam(RadUploadConstants.ParamNameFileName, fileName)
  Me.AddReturnFileParam(RadUploadConstants.ParamNameFinalFileRequest, True)
  savedBytes = 0
  Return False
 End If
 Return MyBase.SaveChunkData(filePath, position, buffer, contentLength, savedBytes)
End Function

Here is a snapshot of the RadUpload control, after an invalid upload attempt.

See Also

Was this article helpful? Yes No

Give article feedback

Tell us how we can improve this article

Dummy