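/// <summary>
/// Checks the submitted username, password and captcha and, when the auth handler
/// accepts the credentials, stores the user in the memory cache for five minutes
/// under the key <c>"L1" + GUID</c> and returns that GUID to the caller.
/// </summary>
/// <param name="input">Username, password and captcha answer supplied by the client.</param>
/// <returns>
/// <c>Ok</c> with a <c>MessageResponse</c> whose <c>Message</c> is the GUID and whose
/// <c>Status</c> is "Ok"; <c>Unauthorized</c> for every rejection.
/// </returns>
/// <remarks>
/// Every rejection returns the same <c>Unauthorized</c> result, so the response does not
/// tell the client which check failed; the reason goes to the log only, and none of the
/// log messages contain the username or the password.
/// No lockout or attempt counter is visible in this method; the captcha is the only
/// throttle here. NOTE(review): confirm whether the auth handler rate-limits failures.
/// </remarks>
public IActionResult Login(LoginInput input)
{
    // A missing or unbindable request body would otherwise surface as a
    // NullReferenceException (HTTP 500) on the first property access below.
    if (input is null)
    {
        _logger.LogInformation("Login input is null");
        return Unauthorized();
    }

    if (string.IsNullOrWhiteSpace(input.Username) || string.IsNullOrWhiteSpace(input.Password))
    {
        _logger.LogInformation("Username or password is null or empty");
        return Unauthorized();
    }

    // Length caps are applied before the captcha service and the auth handler see the values.
    if (input.Username.Length > 50)
    {
        _logger.LogInformation("Username exceeds permitted length.");
        return Unauthorized();
    }

    if (input.Password.Length > 64)
    {
        _logger.LogInformation("Password exceeds permitted length.");
        return Unauthorized();
    }

    if (string.IsNullOrWhiteSpace(input.Captcha))
    {
        _logger.LogInformation("Captcha is null or empty");
        return Unauthorized();
    }

    // The captcha is verified against the connection's remote address and the "login" scope.
    // NOTE(review): RemoteIpAddress can be null, and behind a reverse proxy it is the
    // proxy's address unless forwarded headers are processed. Confirm VerifyCaptcha copes.
    var remoteAddress = Request.HttpContext.Connection.RemoteIpAddress;
    if (!_captcha.VerifyCaptcha(input.Captcha, remoteAddress, "login"))
    {
        _logger.LogInformation("Captcha rejected.");
        return Unauthorized();
    }

    // Passed by ref, so the handler may populate or replace the instance.
    var user = new User { Username = input.Username, Password = input.Password };
    if (!_authHandler.LoginUser(ref user))
    {
        _logger.LogInformation("Auth handler rejected login.");
        return Unauthorized();
    }

    // Presumably generated from a cryptographic RNG. Confirm in SecureGuid.
    // The GUID is the only handle to the cache entry and should be treated as a
    // short-lived bearer secret.
    var registerGuid = SecureGuid.CreateSecureRfc4122Guid();
    var cacheEntryOptions = new MemoryCacheEntryOptions().SetAbsoluteExpiration(TimeSpan.FromMinutes(5));

    // NOTE(review): the User was built with the submitted password. Unless LoginUser
    // clears or replaces it, the plaintext stays in the cache for up to five minutes.
    // Confirm, and blank it before caching if the later step does not need it.
    _memoryCache.Set("L1" + registerGuid, user, cacheEntryOptions);

    var response = new MessageResponse { Message = registerGuid.ToString(), Status = "Ok" };
    return Ok(response);
}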