public HttpResponseMessage Login(string username, string password)
{
if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
{
User user = db.User.FirstOrDefault(u => u.username == username);
if (user != null)
{
if (HomeController.ComparePasswords(user.password, user.salt, password))
{
return(HomeController.CreateAuthorizationHeader(Request, username));
}
else
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized, "usuario o contraseña incorrecta"));
}
}
return(Request.CreateResponse(HttpStatusCode.NotFound, "el usuario no existe"));
}
return(Request.CreateResponse(HttpStatusCode.BadRequest, "usuario o contraseña vacía"));
}
