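/// <summary>
/// Authenticates a customer by e-mail address, falling back to phone number, and on
/// success issues a <c>sessionId</c> cookie that expires after one hour.
/// </summary>
/// <param name="data">Submitted credentials; Email, Phone and Password are read.</param>
/// <returns>
/// 400 when the model state is invalid, the body is missing, or the password does not
/// match; 404 when neither e-mail nor phone matches a customer; 200 with the session
/// cookie set otherwise.
/// </returns>
/// <remarks>
/// Review notes that cannot be fixed inside this method without changing stored data
/// or the response contract:
/// - Passwords are compared as MD5 digests. MD5 is not a password hashing function;
///   moving to PBKDF2 or another slow, salted scheme needs a rehash-on-login migration
///   of the stored Password column.
/// - 404 for an unknown account versus 400 for a wrong password lets a caller tell
///   which e-mail addresses and phone numbers are registered. A single generic failure
///   response would remove that signal, but existing clients may depend on the codes.
/// - No attempt throttling or lockout is visible here; confirm it exists upstream.
/// </remarks>
public IHttpActionResult Login(LoginData data)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // Model binding can leave the parameter null (for example an empty request body)
    // while ModelState is still valid; reject it instead of failing with a
    // NullReferenceException and a 500 response.
    if (data == null)
    {
        return BadRequest();
    }

    // Fetch the matching row once. The original ran Any() and then First() twice,
    // which issued several queries and could observe different rows between them.
    var customer = (from c in _db.Customers
                    where c.Email == data.Email
                    select c).FirstOrDefault();

    if (customer == null)
    {
        customer = (from c in _db.Customers
                    where c.PhoneNum == data.Phone
                    select c).FirstOrDefault();
    }

    if (customer == null)
    {
        return NotFound();
    }

    // NOTE(review): unsalted MD5 and an ordinary string comparison; see remarks.
    var hashed = EncryptProvider.Md5(data.Password);
    if (customer.Password != hashed)
    {
        return BadRequest("密码不正确!");
    }

    // NOTE(review): confirm CustomerSession.SetSessionId returns an unpredictable,
    // CSPRNG-backed identifier; its implementation is not visible here.
    var cookie = new HttpCookie("sessionId")
    {
        Value = CustomerSession.SetSessionId(customer.CustomerId).ToString(),
        Expires = DateTime.Now.AddHours(1),
        // Keep the session identifier out of reach of page script.
        HttpOnly = true,
        // Mark the cookie Secure whenever the request itself arrived over TLS. Behind
        // a TLS-terminating proxy this stays false; set it unconditionally there.
        Secure = HttpContext.Current.Request.IsSecureConnection
    };
    HttpContext.Current.Response.Cookies.Add(cookie);

    return Ok();
}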