public IHttpActionResult Login([FromUri] string username, [FromUri] string password)
{
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
Logger.GetLogger().Warn($"Username or password is not specified");
return(BadRequest("Username or password is not specified"));
}
Request.GetOwinContext().Authentication.SignOut();
using (IUnitOfWork uow = ObjectFactory.GetInstance <IUnitOfWork>())
{
Fr8AccountDO dockyardAccountDO = uow.UserRepository.FindOne(x => x.UserName == username);
if (dockyardAccountDO != null)
{
var passwordHasher = new PasswordHasher();
if (passwordHasher.VerifyHashedPassword(dockyardAccountDO.PasswordHash, password) == PasswordVerificationResult.Success)
{
ISecurityServices security = ObjectFactory.GetInstance <ISecurityServices>();
ClaimsIdentity identity = security.GetIdentity(uow, dockyardAccountDO);
Request.GetOwinContext().Authentication.SignIn(new AuthenticationProperties
{
IsPersistent = true
}, identity);
return(Ok());
}
}
}
Logger.GetLogger().Warn($"Loging failed for {username}");
return(StatusCode(HttpStatusCode.Forbidden));
}
