public LoginModule(IDataStore dataStore, TrackingUsers trackingUsers, ErrorCodes errorCodes, PasswordManager passwordManager) : base("/login", dataStore, trackingUsers, errorCodes) { _trackingUsers = trackingUsers; _passwordManager = passwordManager; Post["/"] = parameters => { Response response; if (!CheckSaveRetention(SessionCache, out response)) { return(response); } var loginModel = this.Bind <LoginModel>(); var trackingUser = _trackingUsers.Query().FirstOrDefault(x => x.Username == loginModel.Username); if (trackingUser == null) { return(ErrorResponse(HttpStatusCode.Unauthorized, "Wrong username or password!")); } var password = loginModel.Password; var passwordSalt = trackingUser.Salt; var passwordHash = trackingUser.Password; var confirmPassword = _passwordManager.ConfirmPassword(password, passwordHash, passwordSalt); if (confirmPassword) { trackingUser.AccessToken = new AccessToken(Guid.NewGuid().ToString()); _trackingUsers.Update(trackingUser); } return(confirmPassword ? Response.AsJson(trackingUser.AccessToken) : ErrorResponse(HttpStatusCode.Unauthorized, "Wrong username or password!")); }; }