using System;
using System.Web.Http;
using MarketData;
using MarketDataServer.Authorization;

namespace MarketDataServer.Controllers
{
  public class AuthorizationController : ApiController
  {

    public String GetToken(String user, String password)
    {
      MDTrace.WriteLine(LogLevel.DEBUG,String.Format("[{0:G}][AuthorizationController::Authorize]",DateTime.Now));
      if(null==user)return null;
      user=Authorizations.Xor(user,5);
      password=Authorizations.Xor(password,5);
      MDTrace.WriteLine(LogLevel.DEBUG,String.Format("[{0:G}][Login requested for user '{1}']",DateTime.Now, user));
      if(!Authorizations.GetInstance().IsValidUser(user, password))
      {
        MDTrace.WriteLine(LogLevel.DEBUG,String.Format("[{0:G}][User '{1}' is not authorized]", DateTime.Now,user));
        return null;
      }
      String accessToken= Authorizations.GetInstance().GetAuthenticationToken();
      MDTrace.WriteLine(LogLevel.DEBUG,String.Format("[{0:G}][Access token granted for user {1} : {2}]",DateTime.Now ,user, accessToken));
      return accessToken;
    }
  }
}