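/// <summary>
/// Checks the e-mail/password pair carried by <paramref name="UserProfileObj"/> against the
/// stored salt and password hash and, on a match, issues a session token.
/// </summary>
/// <param name="UserProfileObj">Profile supplying the e-mail and password; receives the new token via <c>SetToken</c> on success.</param>
/// <returns>
/// A response holding the login flag, an error text (empty on success) and the token
/// (empty on failure). Unknown account and wrong password produce the same error text.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="UserProfileObj"/> is null.</exception>
/// <exception cref="Exception">Any failure during lookup, hashing or token storage is logged as fatal and rethrown.</exception>
public LoginUserReponse LoginUserAction(IUserProfile UserProfileObj)
{
    if (UserProfileObj == null)
    {
        throw new ArgumentNullException("UserProfileObj");
    }

    // One message for both failure paths so the response text does not reveal
    // whether the account exists.
    const string InvalidCredentialsText = "Invalid Email ID and password combination";

    bool IsLoggedIn = false;
    string Token = "";
    string ErrorText = "";

    string Email = UserProfileObj.GetEmail();
    string Password = UserProfileObj.GetPassword();

    try
    {
        DataSet output = new UserActionsDataLayer(UserProfileObj).GetHashedPassword();

        if (output.Tables[0].Rows.Count > 0)
        {
            DataRow Row = output.Tables[0].Rows[0];
            string DbSalt = Row["salt"].ToString();
            string DbHashPassword = Row["password"].ToString();

            // NOTE(review): this appears to be a single salted SHA-256 pass, which is cheap
            // to brute-force if the table leaks. Moving to a slow KDF (e.g. PBKDF2) needs a
            // migration of the stored hashes, so it is flagged here rather than changed.
            string HashPassword = SHA256.Instance().hash(Password + DbSalt);

            if (string.Equals(DbHashPassword, HashPassword, StringComparison.Ordinal))
            {
                // The token used to be SHA-256(email + password + timestamp). That value is
                // reproducible by anyone who knows the credentials and the login second, and
                // a leaked token allowed offline guessing of the password. Use the OS CSPRNG
                // instead. The type is fully qualified because this file's own SHA256 class
                // would clash with a using directive for System.Security.Cryptography.
                byte[] TokenBytes = new byte[32];
                using (var Rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                {
                    Rng.GetBytes(TokenBytes);
                }

                // 64 hex characters. NOTE(review): confirm the token column and any
                // validator accept this length; the old token was two concatenated digests.
                Token = BitConverter.ToString(TokenBytes).Replace("-", "");

                UserProfileObj.SetToken(Token);

                // update the token value to database so as to authenticate the user for all events
                new Security(UserProfileObj).AddTokenToDB();
                IsLoggedIn = true;
            }
            else
            {
                // NOTE(review): Email is caller-supplied; confirm the logger neutralises
                // line breaks so a crafted address cannot forge log entries.
                Logger.Instance().Log(Warn.Instance(), new WarnDebug("Authentication failed for email : " + Email));
                ErrorText = InvalidCredentialsText;
            }
        }
        else
        {
            // NOTE(review): this path skips the hash computation and the warning log, so
            // unknown accounts respond faster and leave no trace of the failed attempt.
            ErrorText = InvalidCredentialsText;
        }
    }
    catch (Exception ex)
    {
        Logger.Instance().Log(Fatal.Instance(), ex);

        // "throw;" keeps the original stack trace ("throw ex;" reset it). The assignments
        // to IsLoggedIn/ErrorText that used to sit here were dead code, because the
        // rethrow means no response object is ever built on this path.
        throw;
    }

    LoginUserReponse LoginResponse = new LoginUserReponse();
    LoginResponse.SetIsLoggedIn(IsLoggedIn);
    LoginResponse.SetErrorText(ErrorText);
    LoginResponse.SetToken(Token);
    return LoginResponse;
}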