public HttpResponseMessage Login([FromBody] UserLoginRequest userInfo)
{
if (string.IsNullOrWhiteSpace(userInfo.Login) || string.IsNullOrWhiteSpace(userInfo.Password))
{
return Request.CreateBadRequestResponse();
}
using (IDatabaseService database = new DatabaseService())
{
if (!database.CheckAuthentification(userInfo.Login, userInfo.Password))
{
return Request.CreateErrorResponse(HttpStatusCode.Unauthorized, "Invalid credentials");
}
return Request.CreateEmptyGoodReponse();
}
}
public async Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
HttpRequestMessage request = context.Request;
string login = request.GetHeaderValue("x-indiarose-login");
string password = request.GetHeaderValue("x-indiarose-password");
if (string.IsNullOrWhiteSpace(login) || string.IsNullOrWhiteSpace(password))
{
context.ErrorResult = new AuthenticationFailureResult("Missing credentials", request);
return;
}
using (IDatabaseService database = new DatabaseService())
{
if (database.CheckAuthentification(login, password))
{
AuthentificationPrincipal identity = new AuthentificationPrincipal(database.GetUserByLogin(login), password);
string deviceName = request.GetHeaderValue("x-indiarose-device");
if (!string.IsNullOrWhiteSpace(deviceName))
{
identity.Device = database.GetDevice(identity.User, deviceName);
if (identity.Device == null && _deviceRequired)
{
context.ErrorResult = new AuthenticationFailureResult("Invalid device name", request);
return;
}
}
else if (_deviceRequired)
{
context.ErrorResult = new AuthenticationFailureResult("Missing device name", request);
return;
}
context.Principal = identity;
}
else
{
context.ErrorResult = new AuthenticationFailureResult("Invalid credentials", request);
}
}
}