Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- using System;
- using System.Collections.Generic;
- using System.Linq;
- using System.Net;
- using System.Net.Http;
- using System.Web.Http;
- using System.Web.Http.Cors;
- using System.Web.Security;
- using WorkAtHeightWebApp.Models;
- namespace WorkAtHeightWebApp.Controllers
- {
- [EnableCors("*", "*", "*")]
- public class AccountController : ApiController
- {
- [AcceptVerbs("GET", "POST")]
- public object GetAuthToken(string email, string password)
- {
- using (var db = new WorkAtHeightContext())
- {
- var userDetails = db.CompanyUsers.Where(m => m.EmailAddress.Equals(email, StringComparison.CurrentCultureIgnoreCase)).FirstOrDefault();
- if (userDetails == null || !PasswordHash.ValidatePassword(password, userDetails.Password))
- {
- throw new Exception("The credentials you have provided are invalid.");
- }
- else
- {
- FormsAuthenticationTicket ticket =
- new FormsAuthenticationTicket(1, userDetails.EmailAddress,
- DateTime.Now, DateTime.Now.Add(FormsAuthentication.Timeout),
- false, userDetails.UserType);
- string ticketString = FormsAuthentication.Encrypt(ticket);
- return new { AccessToken = ticketString, UserRole = userDetails.UserType };
- }
- }
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
