public HttpResponseMessage PostLogin(WebLogin login)
{
if (!ModelState.IsValid || login == null)
{
return Request.CreateResponse(HttpStatusCode.BadRequest, ModelState);
}
try
{
Random random = new Random();
Thread.Sleep(random.Next(2000));
int id = repo.attemptLogin(login);
FormsAuthentication.SetAuthCookie(id.ToString(), login.rememberMe);
return Request.CreateResponse(HttpStatusCode.Created, id);
}
catch (Exception e)
{
FormsAuthentication.SignOut();
Thread.Sleep(2000);
return Request.CreateResponse(HttpStatusCode.BadRequest, e);
}
}
public int attemptLogin(WebLogin login)
{
User user = db.Users
.SingleOrDefault(u => u.email == login.email);
if (user != null)
{
checkConditions(user);
if (Passwords.authenticateUser(user, login.password))
{
db.SaveChanges();
return user.id;
}
else
{
throw new Exception("Invalid password");
}
}
else
{
throw new Exception("Invalid email address");
}
}