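/// <summary>
/// Validates a login request and, on success, registers a user token.
/// </summary>
/// <param name="authHeader">
/// Base64 text that decodes (UTF-8) to <c>encryptedUser:encryptedPassword</c>. Each half is passed to
/// <c>crypto.Decrypt</c> and must yield <c>key=value</c> pairs separated by <c>;</c>. The user half must
/// contain <c>plainText</c>; the password half must contain <c>plainText</c> and <c>IP</c>.
/// </param>
/// <param name="ipAddress">
/// IP address supplied by the caller of this method. It is replaced by the <c>IP</c> field of
/// <paramref name="requestMode"/> whenever that argument is non-empty.
/// </param>
/// <param name="requestMode">
/// Optional Base64 text that decodes to an encrypted <c>key=value;...</c> string containing <c>IP</c>.
/// </param>
/// <returns>
/// An <c>ApiResponse</c> whose <c>ApiStatus</c> is always <c>true</c>. <c>Data.Success</c> is <c>true</c>
/// only when the credentials are valid and the IP values match. <c>Data.StatusText</c> is the name of the
/// <c>LoginResponse</c> value (it stays <c>DeactivatedUser</c> when the request is rejected before the
/// credentials are checked).
/// </returns>
/// <remarks>
/// Changes from the previous version: an empty header, a header without <c>:</c>, invalid Base64, a missing
/// or duplicated field, or an unrecognised <c>LoginResponse</c> value now produce <c>Success = false</c>.
/// Previously an empty header reported <c>Success = true</c> and the malformed cases threw.
/// Exceptions from <c>crypto.Decrypt</c> (other than <see cref="FormatException"/>),
/// <c>IsValidCredentials</c> and <c>userManagement</c> still propagate.
/// </remarks>
public ApiResponse Login(string authHeader, string ipAddress, string requestMode = null)
{
    const string NotAuthorizedMessage = "You are not an authorized user";

    // Fail closed: the request is only marked successful on the explicit ValidUser path below.
    var status = false;
    var isValid = LoginResponse.DeactivatedUser;
    var responseMessage = NotAuthorizedMessage;

    if (!string.IsNullOrEmpty(authHeader))
    {
        string username = null;
        string password = null;
        string boundIp = null;
        var wellFormed = false;

        try
        {
            var requestOk = true;

            if (!string.IsNullOrEmpty(requestMode))
            {
                // NOTE(review): this lets a value carried in the request replace the ipAddress argument, so the
                // comparison below is between two request-supplied values. Its strength depends on whether
                // crypto.Decrypt rejects tampered or replayed input, which is not visible here; confirm.
                var modeText = Encoding.UTF8.GetString(Convert.FromBase64String(requestMode));
                var modeFields = ParseLoginFields(crypto.Decrypt(modeText));
                requestOk = modeFields != null && modeFields.TryGetValue("IP", out ipAddress);
            }

            var decoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeader));
            var separator = decoded.IndexOf(':');

            // A header without ':' used to reach Substring(0, -1) and throw.
            if (requestOk && separator >= 0)
            {
                var userFields = ParseLoginFields(crypto.Decrypt(decoded.Substring(0, separator)));
                var passwordFields = ParseLoginFields(crypto.Decrypt(decoded.Substring(separator + 1)));

                wellFormed = userFields != null
                    && passwordFields != null
                    && userFields.TryGetValue("plainText", out username)
                    && passwordFields.TryGetValue("plainText", out password)
                    && passwordFields.TryGetValue("IP", out boundIp);
            }
        }
        catch (FormatException)
        {
            // Input that is not valid Base64 is treated like any other malformed request.
            wellFormed = false;
        }

        if (wellFormed)
        {
            // Credentials are evaluated before the IP comparison, as before, so whatever bookkeeping
            // IsValidCredentials performs still happens for requests that then fail the IP check.
            isValid = IsValidCredentials(username, password);

            if (ipAddress == boundIp)
            {
                // NOTE(review): the distinct messages and StatusText tell a client whether a username exists
                // and what state the account is in; consider a single failure message if no client relies on them.
                switch (isValid)
                {
                    case LoginResponse.ValidUser:
                        userManagement.AddUserToken(userManagement.GetUserId(username), ipAddress, String.Empty);
                        status = true;
                        responseMessage = "Logged in successfully";
                        break;
                    case LoginResponse.InvalidPassword:
                        responseMessage = "Invalid password";
                        break;
                    case LoginResponse.ThrottledUser:
                        responseMessage = "User has been locked";
                        break;
                    case LoginResponse.InvalidUserName:
                        responseMessage = "Invalid username";
                        break;
                    case LoginResponse.DeactivatedUser:
                        responseMessage = "Invalid user";
                        break;
                    case LoginResponse.DeletedUser:
                        responseMessage = "Deleted user";
                        break;
                    default:
                        // Any value not listed above is rejected rather than reported as a success.
                        break;
                }
            }
        }
    }

    return new ApiResponse
    {
        ApiStatus = true,
        Data = new ApiData
        {
            Success = status,
            Message = responseMessage,
            StatusText = isValid.ToString()
        }
    };
}

/// <summary>
/// Splits a decrypted <c>key=value;key=value</c> string into a dictionary.
/// </summary>
/// <param name="decrypted">Text returned by <c>crypto.Decrypt</c>.</param>
/// <returns>
/// The parsed pairs, or <c>null</c> when <paramref name="decrypted"/> is <c>null</c> or repeats a key.
/// Segments that do not split into exactly two parts on <c>=</c> are ignored.
/// </returns>
private static System.Collections.Generic.Dictionary<string, string> ParseLoginFields(string decrypted)
{
    if (decrypted == null)
    {
        return null;
    }

    var fields = new System.Collections.Generic.Dictionary<string, string>();

    foreach (var segment in decrypted.Split(';'))
    {
        var pair = segment.Split('=');
        if (pair.Length != 2)
        {
            continue;
        }

        // A repeated key makes the value ambiguous, so the whole input is rejected.
        if (fields.ContainsKey(pair[0]))
        {
            return null;
        }

        fields.Add(pair[0], pair[1]);
    }

    return fields;
}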