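/// <summary>
/// Handles a login POST: validates the bound model, asks the repository to authenticate the
/// credentials, and on success issues a forms-authentication cookie for the returned user id.
/// </summary>
/// <param name="login">Credentials and remember-me flag bound from the request.</param>
/// <returns>
/// 201 Created with the user id on success; 400 Bad Request with the model state when the
/// payload is missing or invalid; 400 Bad Request with a fixed, generic message when the
/// login attempt fails for any reason.
/// </returns>
/// <remarks>
/// The failure response deliberately carries no exception data. Serializing the caught
/// exception into the body would hand the caller its message and stack trace, and the
/// repository's message would tell the caller whether the email or the password was wrong.
/// </remarks>
public HttpResponseMessage PostLogin(WebLogin login)
{
    if (!ModelState.IsValid || login == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest, ModelState);
    }

    try
    {
        // Random jitter before the credential check blurs response-time differences between
        // attempts. The value is only a delay, not a secret, so System.Random is adequate.
        // NOTE(review): Thread.Sleep holds a request thread for the whole delay; confirm that
        // lockout or rate limiting is enforced elsewhere, since a delay alone does not bound
        // the number of guesses and many parallel requests can tie up worker threads.
        Random jitter = new Random();
        Thread.Sleep(jitter.Next(2000));

        int userId = repo.attemptLogin(login);
        FormsAuthentication.SetAuthCookie(userId.ToString(), login.rememberMe);
        return Request.CreateResponse(HttpStatusCode.Created, userId);
    }
    catch (Exception e)
    {
        // Clear any existing authentication cookie so a failed attempt never leaves a session.
        FormsAuthentication.SignOut();

        // Keep the detail on the server for diagnostics instead of sending it to the client.
        System.Diagnostics.Trace.TraceWarning("Login attempt failed: {0}", e);

        // Fixed extra delay on every failure, in addition to the jitter above.
        Thread.Sleep(2000);

        // Same status and same body for every failure cause.
        return Request.CreateResponse(HttpStatusCode.BadRequest, "Login failed");
    }
}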
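/// <summary>
/// Looks up the user whose email matches <paramref name="login"/> and verifies the supplied
/// password against that user.
/// </summary>
/// <param name="login">Submitted email address and password.</param>
/// <returns>The id of the authenticated user.</returns>
/// <exception cref="Exception">
/// Thrown with one shared message when no user has the email or the password does not match.
/// Exceptions raised by <c>checkConditions</c> or by the query itself pass through unchanged.
/// </exception>
/// <remarks>
/// Both failure causes use the same message so that a caller who relays the exception text
/// cannot be used to test which email addresses have accounts.
/// NOTE(review): the unknown-email path returns without calling Passwords.authenticateUser, so
/// it likely completes faster than the wrong-password path; confirm whether the caller's
/// delay is considered enough to mask that difference.
/// </remarks>
public int attemptLogin(WebLogin login)
{
    // One message for every credential failure; do not split it by cause.
    const string failureMessage = "Invalid email address or password";

    // SingleOrDefault returns null when no row matches and throws if more than one matches.
    User user = db.Users.SingleOrDefault(u => u.email == login.email);
    if (user == null)
    {
        throw new Exception(failureMessage);
    }

    // checkConditions is defined elsewhere; presumably it throws when the account may not
    // log in (for example locked or disabled). Verify against its implementation.
    checkConditions(user);

    if (!Passwords.authenticateUser(user, login.password))
    {
        // NOTE(review): SaveChanges is not reached on this path, so any state that
        // checkConditions or authenticateUser changed on the user (such as a failed-attempt
        // counter, if one exists) is not persisted here. Confirm this is intended.
        throw new Exception(failureMessage);
    }

    db.SaveChanges();
    return user.id;
}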