Example #1
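        /// <summary>
        /// Authenticates the caller from the <c>username</c> and <c>password</c> request headers
        /// and either issues a JWT directly or starts the e-mail confirmation step.
        /// </summary>
        /// <param name="message">Incoming request whose headers carry the credentials.</param>
        /// <returns>
        /// <c>BadRequest</c> when <c>CheckHeaders</c> rejects the request; <c>Unauthorized</c> when
        /// <c>VerifyUser</c> fails or no matching user row can be loaded; <c>Created</c> with the token
        /// produced by <c>SendMail</c> when the user has <c>TwoFaEnabled</c> set; otherwise <c>Ok</c>
        /// with the token from <c>JwtManager.GenerateToken</c>.
        /// </returns>
        public IHttpActionResult Login(HttpRequestMessage message)
        {
            if (!CheckHeaders(message, out string responseMessage))
            {
                return BadRequest(responseMessage);
            }

            // NOTE(review): credentials travel in custom request headers. Headers are commonly
            // recorded by proxies and access logs; confirm these two are excluded from logging,
            // or move the credentials into the request body.
            // GetValues throws when a header is absent; presumably CheckHeaders guarantees both
            // are present. Verify against CheckHeaders.
            var username = message.Headers.GetValues("username").FirstOrDefault();
            var password = message.Headers.GetValues("password").FirstOrDefault();

            if (!VerifyUser(username, password))
            {
                return Unauthorized();
            }

            // Load the id and the 2FA flag in one query so both values come from the same row
            // (the original issued separate lookups for each).
            var account = db.User.Where(x => x.Username == username)
                          .Select(x => new { x.UserId, x.TwoFaEnabled })
                          .FirstOrDefault();

            // Fail closed: without this check a missing row would fall through with
            // TwoFaEnabled == false and UserId == 0, and a token would be minted for user id 0.
            if (account == null)
            {
                return Unauthorized();
            }

            if (account.TwoFaEnabled)
            {
                // NOTE(review): the confirmation sid is an int. Confirm that it comes from a
                // cryptographically secure generator, is single-use and expires, and that
                // verification attempts are rate limited.
                int sid = JwtManager.GenerateConfirmationSid();

                SaveAuthToken(account.UserId, sid);
                SendMail(account.UserId, sid, out string pendingToken);

                // NOTE(review): confirm that the token returned here cannot be used as a session
                // token until the e-mailed confirmation has been completed.
                return Created("Created", pendingToken);
            }

            string sessionToken = JwtManager.GenerateToken(account.UserId);
            return Ok(sessionToken);
        }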