// POST api/Login
public HttpResponseMessage PostLogin(ClientLogin login)
{
if (ModelState.IsValid)
{
var user = (from u in _db.Users.Include(o => o.Passwords)
where u.Username == login.Username &&
u.Passwords.OrderByDescending(d => d.Date).FirstOrDefault().PasswordHash == login.Password
select u).FirstOrDefault();
if (user == null)
{
return Request.CreateResponse(HttpStatusCode.Unauthorized);
}
var now = DateTime.Now;
var userLogin = new Login
{
Ip = ((HttpContextWrapper) Request.Properties["MS_HttpContext"]).Request.UserHostAddress,
LoginTime = now,
LogoutTime = now.AddHours(1),
Session = new Session
{
Begin = now,
Expires = now.AddHours(1),
Token = Guid.NewGuid()
}
};
_db.Logins.Add(userLogin);
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, userLogin);
response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = userLogin.Id }));
return response;
}
return Request.CreateResponse(HttpStatusCode.BadRequest);
}
// PUT api/Login/5
public HttpResponseMessage PutLogin(int id, Login login)
{
if (ModelState.IsValid && id == login.Id)
{
_db.Entry(login).State = EntityState.Modified;
try
{
_db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
return Request.CreateResponse(HttpStatusCode.NotFound);
}
return Request.CreateResponse(HttpStatusCode.OK);
}
else
{
return Request.CreateResponse(HttpStatusCode.BadRequest);
}
}
