// POST: /api/login
public HttpResponseMessage Post(LoginUser loginUser)
{
if (!this.ModelState.IsValid)
{
return this.Request.CreateErrorResponse(HttpStatusCode.BadRequest, this.ModelState);
}
var user = this.db.Users.GetByUserNameOrEmail(loginUser.UserName, loginUser.Password);
if (user == null)
{
this.ModelState.AddModelError(string.Empty, "The username or password provided is incorrect.");
return this.Request.CreateErrorResponse(HttpStatusCode.BadRequest, this.ModelState);
}
this.formsAuth.SetAuthCookie(user.UserName, true);
return this.Request.CreateResponse(
HttpStatusCode.OK,
new
{
UserName = user.UserName,
Email = user.Email,
EmailHash = user.EmailHash,
DisplayName = user.DisplayName
});
}
