public IHttpActionResult Login([FromBody] User user)
{
string hashedPassword = AuthorizationService.GetHashSha256(user.Password);
user = _database.Users.Where(x => x.Username == user.Username && x.Password == hashedPassword).FirstOrDefault();
if (user == null)
{
return(Unauthorized());
}
if (user.IsActive == false)
{
return(Unauthorized());
}
user.Token = Guid.NewGuid().ToString();
var frontendUser = new RequestUser()
{
Username = user.Username, Token = user.Token, AccessLevel = user.AccessLevel, LastLogin = user.LastLogin
};
user.LastLogin = DateTime.Now;
_database.Context.SaveChanges();
return(Ok(frontendUser));
}
public IHttpActionResult Authorize([FromBody] User user)
{
if (AuthorizationService.CheckIfAuthorized(ref user, ref _database, Request.Headers, AccessLevel.Default) != 0)
{
return(Unauthorized());
}
var frontendUser = new RequestUser()
{
Username = user.Username,
Token = user.Token,
AccessLevel = user.AccessLevel,
LastLogin = user.LastLogin
};
return(Ok(frontendUser));
}
