public HttpResponseMessage LoginUser(UserLoginModel model)
{
var responseMsg = this.ExceptionHandler(
() =>
{
var context = new AutoMorgueContext();
UserDataPersister.ValidateUsername(model.Username);
UserDataPersister.ValidateAuthCode(model.AuthCode);
var usernameToLower = model.Username.ToLower();
var users = context.Users;
var user = users.FirstOrDefault(
usr => usr.Username == usernameToLower && usr.AuthCode == model.AuthCode);
if (user == null)
{
throw new InvalidOperationException("Invalid Username or Password");
}
user.SessionKey = UserDataPersister.GenerateSessionKey(user.Id);
context.SaveChanges();
var loggedModel = new UserLoggedModel
{
DisplayName = user.DisplayName,
SessionKey = user.SessionKey
};
var response = this.Request.CreateResponse(HttpStatusCode.Created, loggedModel);
response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = user.Id }));
return response;
});
return responseMsg;
}
public HttpResponseMessage LogoutUser(
[ValueProvider(typeof(HeaderValueProviderFactory<string>))] string sessionKey)
{
var responseMsg = this.ExceptionHandler(
() =>
{
var context = new AutoMorgueContext();
var users = context.Users;
var user = users.FirstOrDefault(
usr => usr.SessionKey == sessionKey);
if (user == null)
{
throw new InvalidOperationException("Invalid Username or Password");
}
user.SessionKey = null;
context.SaveChanges();
var probUser = new UserLoginModel(){
AuthCode = "10a81501e9a609a425db71c9a59be60dabbeea86",
Username ="******"
};
var response = this.Request.CreateResponse(HttpStatusCode.OK,
probUser);
return response;
});
return responseMsg;
}
