public IHttpActionResult Login() { try { var request = new AuthenticatedRequest(); var account = request.GetPostString("account"); var password = request.GetPostString("password"); var isAutoLogin = request.GetPostBool("isAutoLogin"); var userInfo = DataProvider.UserDao.Validate(account, password, true, out var _, out var errorMessage); if (userInfo == null) { return(BadRequest(errorMessage)); } var accessToken = request.UserLogin(userInfo.UserName, isAutoLogin); var expiresAt = DateTime.Now.AddDays(Constants.AccessTokenExpireDays); return(Ok(new { Value = userInfo, AccessToken = accessToken, ExpiresAt = expiresAt })); } catch (Exception ex) { LogUtils.AddErrorLog(ex); return(InternalServerError(ex)); } }