public HttpResponseMessage AuthenticateUser(IHelloWorldParameters parameters) { var session = new SessionHandler(this.DataAccess, this.DatabaseConnectionSettings, parameters, this.HelloWorldUser); session.Authenticate(); if (session.HelloWorldUser.ErrorCode.Equals(HelloWorldErrors.NoError)) { var token = session.Start(); this.HelloWorldUser.ApiId = token.ApiID; // returning token if all is good return(this.Request.CreateResponse(HttpStatusCode.OK, token)); } else { throw new Exception("Invalid credentials provided"); } }