public HttpResponseMessage Post(LoginRequest pLoginRequest)
{
TalkerContext talkerContext = new TalkerContext();
User user = talkerContext.Users.Where(a => a.mName == pLoginRequest.mUserName).SingleOrDefault();
if (user != null)
{
byte[] incomingPd = PasswordUtility.hash(pLoginRequest.mPassword, user.mSalt);
if (PasswordUtility.slowEquals(incomingPd, user.mSaltedAndHashedPd))
{
ClaimsIdentity claimsId = new ClaimsIdentity();
claimsId.AddClaim(new Claim(ClaimTypes.NameIdentifier, pLoginRequest.mUserName));
LoginResult loginResult = new CustomLoginProvider(handler).CreateLoginResult(claimsId, Services.Settings.MasterKey);
return(this.Request.CreateResponse(HttpStatusCode.OK, loginResult));
}
}
return(this.Request.CreateResponse(HttpStatusCode.Unauthorized, "Invalid Username or Password"));
}