public IActionResult Login(string userName, string password)
{
Session uc = _dataService.Login(userName, password);
if (uc != null)
{
_loginService.AddUserContext(uc);
}
else
{
_logger.LogError("Login failed. user name or password is incorrect.");
return(BadRequest());
}
_logger.LogInformation($"User {userName} successfully logged in.");
return(Created("", new SessionDTO(uc)));
}