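/// <summary>
/// Authenticates a user by username and password and issues a fresh session token.
/// </summary>
/// <param name="user">Credentials from the request body; only Username and Password are read.</param>
/// <returns>
/// 200 with a <c>RequestUser</c> (username, new token, access level, previous login time) on success;
/// 401 when the credentials are missing, do not match, or the account is inactive.
/// </returns>
public IHttpActionResult Login([FromBody] User user)
{
    // An empty or malformed body binds to null; reject it with the same 401 as a bad
    // password instead of failing with a NullReferenceException (HTTP 500).
    if (user == null || user.Username == null || user.Password == null)
    {
        return Unauthorized();
    }

    // NOTE(review): only the password is passed to the hash helper, so no per-user salt is
    // visible here, and SHA-256 is a fast hash. A salted, slow KDF (PBKDF2/Argon2) is the
    // usual choice for stored passwords; switching needs a migration of the stored hashes,
    // so it is flagged rather than changed in this method.
    string hashedPassword = AuthorizationService.GetHashSha256(user.Password);
    string username = user.Username;

    var account = _database.Users
        .Where(x => x.Username == username && x.Password == hashedPassword)
        .FirstOrDefault();

    // Unknown user, wrong password and inactive account all produce the same response,
    // so the reply does not reveal which check failed.
    if (account == null)
    {
        return Unauthorized();
    }

    if (account.IsActive == false)
    {
        return Unauthorized();
    }

    // The token is a bearer credential, so draw it from the OS CSPRNG; Guid.NewGuid() is
    // not documented as unpredictable. Formatting the 16 random bytes as a Guid keeps the
    // same 36-character token shape as before.
    var tokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }
    account.Token = new Guid(tokenBytes).ToString();

    // Build the response before LastLogin is overwritten, so the client receives the
    // time of the previous login rather than the current one.
    var frontendUser = new RequestUser()
    {
        Username = account.Username,
        Token = account.Token,
        AccessLevel = account.AccessLevel,
        LastLogin = account.LastLogin
    };

    // NOTE(review): DateTime.Now is server-local time; confirm whether consumers expect UTC.
    account.LastLogin = DateTime.Now;
    _database.Context.SaveChanges();

    return Ok(frontendUser);
}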
/// <summary>
/// Checks the caller's authorization at the default access level and echoes the user's details.
/// </summary>
/// <param name="user">User from the request body; passed by reference to the authorization check, which may replace it.</param>
/// <returns>
/// 200 with a <c>RequestUser</c> (username, token, access level, last login) when the check returns 0;
/// 401 for any other result.
/// </returns>
public IHttpActionResult Authorize([FromBody] User user)
{
    // Request headers are handed to the helper together with the user and the database;
    // 0 is the only result treated as success.
    var status = AuthorizationService.CheckIfAuthorized(ref user, ref _database, Request.Headers, AccessLevel.Default);

    if (status == 0)
    {
        // Read the fields only after the check, since 'user' was passed by ref.
        var response = new RequestUser
        {
            Username = user.Username,
            Token = user.Token,
            AccessLevel = user.AccessLevel,
            LastLogin = user.LastLogin
        };

        return Ok(response);
    }

    return Unauthorized();
}