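/// <summary>
/// Validates a login/password pair sent in the request body.
/// </summary>
/// <param name="userInfo">
/// Credentials bound from the request body. Model binding can pass null here when the
/// body is absent or cannot be deserialized.
/// </param>
/// <returns>
/// The project's bad-request response when the payload is null or either field is blank,
/// a 401 response carrying "Invalid credentials" when the database rejects the pair,
/// otherwise the project's empty success response.
/// </returns>
public HttpResponseMessage Login([FromBody] UserLoginRequest userInfo)
{
    // A missing or unparseable body leaves userInfo null; answer with the same
    // bad-request response as for blank fields instead of failing on a null dereference.
    if (userInfo == null
        || string.IsNullOrWhiteSpace(userInfo.Login)
        || string.IsNullOrWhiteSpace(userInfo.Password))
    {
        return Request.CreateBadRequestResponse();
    }

    using (IDatabaseService database = new DatabaseService())
    {
        // CheckAuthentification yields a single boolean, so an unknown login and a wrong
        // password produce the same message and the response does not reveal which one failed.
        // NOTE(review): no throttling or lockout is visible in this method - confirm that
        // repeated failures are limited inside CheckAuthentification or upstream of this action.
        if (!database.CheckAuthentification(userInfo.Login, userInfo.Password))
        {
            return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Invalid credentials");
        }

        return Request.CreateEmptyGoodReponse();
    }
}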
/// <summary>
/// Authenticates a request from the "x-indiarose-login" and "x-indiarose-password" headers
/// and, when present or required, resolves the device named in "x-indiarose-device".
/// </summary>
/// <param name="context">
/// Authentication context of the current request. On success its Principal is set;
/// on any failure its ErrorResult is set and Principal is left untouched.
/// </param>
/// <param name="cancellationToken">Not used by this method.</param>
/// <returns>A task for the authentication step; the body contains no await.</returns>
/// <remarks>
/// NOTE(review): the password arrives in a request header on every call, so it is exposed
/// to anything that records headers - confirm the API is served over TLS only and that
/// these headers are excluded from request logging.
/// </remarks>
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
    HttpRequestMessage request = context.Request;
    string login = request.GetHeaderValue("x-indiarose-login");
    string password = request.GetHeaderValue("x-indiarose-password");

    bool credentialsMissing = string.IsNullOrWhiteSpace(login) || string.IsNullOrWhiteSpace(password);
    if (credentialsMissing)
    {
        context.ErrorResult = new AuthenticationFailureResult("Missing credentials", request);
        return;
    }

    using (IDatabaseService db = new DatabaseService())
    {
        // One boolean decides the outcome, so the failure message is the same whether
        // the login is unknown or the password is wrong.
        // NOTE(review): no attempt limiting is visible here - confirm it exists elsewhere.
        if (!db.CheckAuthentification(login, password))
        {
            context.ErrorResult = new AuthenticationFailureResult("Invalid credentials", request);
            return;
        }

        // NOTE(review): the password is handed to the principal as received; verify that
        // the principal is never serialized, cached or logged with it.
        AuthentificationPrincipal principal = new AuthentificationPrincipal(db.GetUserByLogin(login), password);

        // Device checks run only after the credentials were accepted, so the device
        // messages below are reachable only by a caller holding valid credentials.
        string deviceName = request.GetHeaderValue("x-indiarose-device");
        if (string.IsNullOrWhiteSpace(deviceName))
        {
            if (_deviceRequired)
            {
                context.ErrorResult = new AuthenticationFailureResult("Missing device name", request);
                return;
            }
        }
        else
        {
            // The lookup is scoped to the authenticated user.
            principal.Device = db.GetDevice(principal.User, deviceName);
            if (principal.Device == null && _deviceRequired)
            {
                context.ErrorResult = new AuthenticationFailureResult("Invalid device name", request);
                return;
            }
        }

        context.Principal = principal;
    }
}