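/// <summary>
/// Authenticates a user by email address and password and, on success, returns an access token.
/// </summary>
/// <param name="model">Credentials posted by the client, with an optional invite token.</param>
/// <returns>
/// BadRequest when the email address or password is missing; Unauthorized when the lookup fails,
/// the user is unknown or inactive, no salt is stored, or the password hash does not match;
/// otherwise Ok with an object carrying the <c>Token</c>.
/// </returns>
public IHttpActionResult Login(LoginModel model) {
    if (model == null || String.IsNullOrWhiteSpace(model.Email)) {
        return BadRequest("Email Address is required.");
    }

    if (String.IsNullOrWhiteSpace(model.Password)) {
        return BadRequest("Password is required.");
    }

    User user;
    try {
        user = _userRepository.GetByEmailAddress(model.Email);
    } catch (Exception) {
        // NOTE(review): a repository failure is reported to the caller as a plain 401 and is not
        // logged here, so an outage is indistinguishable from bad credentials. Confirm it is
        // recorded somewhere else.
        return Unauthorized();
    }

    // Every rejection past input validation returns the same Unauthorized result, so the
    // response does not reveal which check failed.
    if (user == null || !user.IsActive) {
        return Unauthorized();
    }

    if (String.IsNullOrEmpty(user.Salt)) {
        return Unauthorized();
    }

    string encodedPassword = model.Password.ToSaltedHash(user.Salt);

    // Compare the hashes without an early exit so the response time does not depend on how
    // many leading characters of the computed hash match the stored one.
    if (!AreHashesEqualFixedTime(encodedPassword, user.Password)) {
        // NOTE(review): the length of the rejected password is sent to telemetry together with
        // the email address; confirm that this is intended and that the telemetry store is
        // access-controlled accordingly.
        _exceptionless.CreateFeatureUsage("Invalid Password")
            .AddTags("Login")
            .SetProperty("Email Address", model.Email)
            .SetProperty("Password Length", model.Password.Length)
            .Submit();
        return Unauthorized();
    }

    if (!String.IsNullOrEmpty(model.InviteToken)) {
        AddInvitedUserToOrganization(model.InviteToken, user);
    }

    // NOTE(review): the whole User object is attached to the telemetry event; verify that its
    // serialized form excludes Password and Salt.
    _exceptionless.CreateFeatureUsage("Login").AddObject(user).Submit();

    return Ok(new { Token = GetToken(user) });
}

/// <summary>
/// Ordinal string comparison whose running time depends only on the shorter input's length,
/// not on the position of the first differing character.
/// </summary>
/// <param name="left">First hash string.</param>
/// <param name="right">Second hash string.</param>
/// <returns>True when both strings are non-null and identical; a null on either side never matches.</returns>
private static bool AreHashesEqualFixedTime(string left, string right) {
    if (left == null || right == null) {
        return false;
    }

    // Fold the length difference into the accumulator instead of returning early on it.
    int difference = left.Length ^ right.Length;
    int sharedLength = Math.Min(left.Length, right.Length);
    for (int i = 0; i < sharedLength; i++) {
        difference |= left[i] ^ right[i];
    }

    return difference == 0;
}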