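// POST api/Login
/// <summary>
/// Checks the submitted credentials and, when a user matches, builds a login record
/// carrying a one-hour session and returns it with 201 Created.
/// </summary>
/// <param name="login">Credentials bound from the request body.</param>
/// <returns>
/// 201 with the new login record and a Location header, 401 when no user matches,
/// 400 when the body is missing or fails model validation.
/// </returns>
public HttpResponseMessage PostLogin(ClientLogin login)
{
    // Web API binds an empty body to null while ModelState still reports valid,
    // so reject null here instead of failing later with a NullReferenceException (500).
    if (login == null || !ModelState.IsValid)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // NOTE(review): the stored PasswordHash is compared directly with the value the
    // client sent; no server-side hashing is visible in this method. If the client
    // submits the hash, the stored hash is itself the credential (a leaked Passwords
    // table is enough to authenticate); if it submits the password, the column holds
    // plaintext. Unless ClientLogin hashes inside its Password property (confirm),
    // derive the hash here with a salted, slow KDF and compare in constant time.
    // NOTE(review): no failed-attempt throttling or lockout is visible here; confirm
    // it is enforced elsewhere.
    var user = (from u in _db.Users.Include(o => o.Passwords)
                where u.Username == login.Username
                      && u.Passwords.OrderByDescending(d => d.Date).FirstOrDefault().PasswordHash == login.Password
                select u).FirstOrDefault();

    if (user == null)
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized);
    }

    // Local server time; login and session both end one hour from now.
    var now = DateTime.Now;

    // "MS_HttpContext" is only populated under System.Web hosting; the indexer throws
    // if the key is absent. Behind a reverse proxy UserHostAddress is presumably the
    // proxy's address rather than the client's (verify against the deployment).
    var httpContext = (HttpContextWrapper) Request.Properties["MS_HttpContext"];

    var userLogin = new Login
    {
        Ip = httpContext.Request.UserHostAddress,
        LoginTime = now,
        LogoutTime = now.AddHours(1),
        Session = new Session
        {
            Begin = now,
            Expires = now.AddHours(1),
            // NOTE(review): Guid.NewGuid() is documented as unique, not unpredictable.
            // A bearer session token should come from a CSPRNG; Session.Token is
            // assigned a Guid here, so that change also touches the model.
            Token = Guid.NewGuid()
        }
    };

    // NOTE(review): the record is added to the context, but SaveChanges() is not
    // called in this method and the record is not linked to `user`. Unless that
    // happens elsewhere, nothing is persisted and userLogin.Id still has its default
    // value when the Location header is built below (confirm).
    _db.Logins.Add(userLogin);

    HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, userLogin);
    response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = userLogin.Id }));
    return response;
}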
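// PUT api/Login/5
/// <summary>
/// Overwrites the stored login record identified by <paramref name="id"/> with the
/// record submitted in the request body.
/// </summary>
/// <param name="id">Record id taken from the route.</param>
/// <param name="login">Replacement record bound from the request body.</param>
/// <returns>
/// 200 on success, 404 when the save reports a concurrency failure, 400 when the body
/// is missing, fails model validation, or its Id differs from <paramref name="id"/>.
/// </returns>
public HttpResponseMessage PutLogin(int id, Login login)
{
    // Web API binds an empty body to null while ModelState still reports valid;
    // without this guard login.Id would throw and surface as a 500.
    if (login == null || !ModelState.IsValid || id != login.Id)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    // NOTE(review): marking the bound entity Modified writes every scalar property of
    // Login from the request body (Ip, LoginTime, LogoutTime, ...), so the caller
    // controls the whole row. No check is visible here that the caller owns record
    // `id` or is authenticated at all; unless an authorization filter on the
    // controller covers this (confirm), load the row server-side, verify ownership,
    // and copy only the fields a client may change.
    _db.Entry(login).State = EntityState.Modified;

    try
    {
        _db.SaveChanges();
    }
    catch (DbUpdateConcurrencyException)
    {
        // Reported as "not found": presumably the update matched no row for this id.
        return Request.CreateResponse(HttpStatusCode.NotFound);
    }

    return Request.CreateResponse(HttpStatusCode.OK);
}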