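/// <summary>
/// Checks a username/password pair against the stored user record.
/// </summary>
/// <param name="username">Login name supplied by the caller; must be non-empty.</param>
/// <param name="password">Plain-text password supplied by the caller; must be non-empty.</param>
/// <returns>
/// A successful <see cref="AuthenticationResult"/> carrying a copy of the user's
/// public fields, or a failed result with a generic message.
/// </returns>
/// <exception cref="ApiException">
/// Thrown with <see cref="HttpStatusCode.Forbidden"/> when either argument is null or empty.
/// </exception>
public AuthenticationResult Authenticate(string username, string password)
{
    if (string.IsNullOrEmpty(username))
    {
        throw new ApiException("User name was not provided", HttpStatusCode.Forbidden);
    }

    if (string.IsNullOrEmpty(password))
    {
        throw new ApiException("Password was not provided", HttpStatusCode.Forbidden);
    }

    // Hash before the lookup so the hashing cost is paid whether or not the
    // account exists; this narrows the response-time gap between the two
    // failure paths.
    // NOTE(review): CryptoUtils.CalculateHash is not visible here. Confirm it is
    // a salted, deliberately slow password hash (PBKDF2/bcrypt/Argon2) rather
    // than a bare digest.
    var suppliedHash = CryptoUtils.CalculateHash(password);

    return ExecuteDb(db =>
    {
        var user = db.Users.FirstOrDefault(x => x.Username == username);

        // Unknown user and wrong password return the same message, and the
        // caller-supplied username is not echoed back: distinct messages would
        // let a client tell which usernames exist.
        if (user == null || !ConstantTimeEquals(user.Password, suppliedHash))
        {
            return new AuthenticationResult(false, "Invalid username or password");
        }

        var result = new AuthenticationResult(true, string.Empty);

        // Copy only the non-secret fields; the stored password hash is left
        // out of the object handed back to the caller.
        result.SetUser(new User
        {
            CreatedAt = user.CreatedAt,
            Username = user.Username,
            Fullname = user.Fullname,
            Id = user.Id
        });
        return result;
    });
}

/// <summary>
/// Ordinal string comparison that always scans the full common length instead
/// of stopping at the first mismatch. A null on either side is a non-match,
/// so a missing stored hash can never authenticate.
/// </summary>
private static bool ConstantTimeEquals(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return false;
    }

    // A length mismatch is folded into the accumulator rather than returned early.
    int diff = expected.Length ^ actual.Length;
    int common = expected.Length < actual.Length ? expected.Length : actual.Length;

    for (int i = 0; i < common; i++)
    {
        diff |= expected[i] ^ actual[i];
    }

    return diff == 0;
}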