public async Task <IActionResult> Login(UserAccountModel body)
{
try
{
if (body == null)
{
IActionResult actionResult = BadRequest(
"The client set the requested body to null before it was sent."
);
return(StatusCode(StatusCodes.Status400BadRequest, actionResult));
}
else
{
if (string.IsNullOrEmpty(body.userName) || string.IsNullOrWhiteSpace(body.userName))
{
IActionResult Response = customActionResult.FieldsRequired(
"The email field has been sent from the client null, empty, or whitespaced."
);
return(StatusCode(StatusCodes.Status411LengthRequired, Response));
}
else if (string.IsNullOrEmpty(body.password) || string.IsNullOrWhiteSpace(body.password))
{
IActionResult Response = customActionResult.FieldsRequired(
"The password field has been sent from the client null, empty, or whitespaced."
);
return(StatusCode(StatusCodes.Status411LengthRequired, Response));
}
else
{
DynamicParameters userName_params = new DynamicParameters();
userName_params.Add("@userName", body.userName);
string userName_string = $"SELECT [id], [userName] FROM [User] WHERE [userName] = @userName";
var userName_results = await _db.SelectAsync <UserAccountModel, dynamic>(userName_string, userName_params);
if (userName_results.Count < 1)
{
IActionResult actionResult = customActionResult.NotFound(
"The username provided does not exist in the database, try again."
);
return(StatusCode(StatusCodes.Status202Accepted, actionResult));
}
else
{
_user.userName = userName_results[0].userName;
string password_string = $"SELECT [password] FROM [User] WHERE [userName] = @userName";
var password_results = await _db.SelectAsync <UserAccountModel, dynamic>(password_string, userName_params);
if (password_results.Count < 1)
{
IActionResult actionResult = customActionResult.NotFound(
"The user details provided do not exist in the database, try again."
);
return(StatusCode(StatusCodes.Status404NotFound, actionResult));
}
else
{
_user.password = password_results[0].password;
bool comparePassword = new HashPassword().VerifyPassword(_user.password, body.password);
if (comparePassword == false)
{
IActionResult actionResult = customActionResult.Unauthorized(
"Credentials not accepted, access denied."
);
return(StatusCode(StatusCodes.Status401Unauthorized, actionResult));
}
else
{
var token = await Authenticate(body);
IActionResult actionResult = customActionResult.AcceptedUserCredentials(
"User credentials accepted, logged in successfully.", token
);
return(StatusCode(StatusCodes.Status202Accepted, actionResult));
}
}
}
}
}
}
catch (Exception e)
{
return(StatusCode(StatusCodes.Status500InternalServerError, e.Message));
}
}