Simple login

[ServiceContract( SessionMode=SessionMode.Required)]
public interface IService
{
    [OperationContract(IsInitiating = true, IsTerminating = false)]
    void login(string username, string password);

    [OperationContract(IsInitiating = false, IsTerminating = false)]
    string getdata();
}



public class Service : IService
{
// todo: make threadsafe!
    public static List<Guid> authenticated = new List<Guid>();

    public void login(string username, string password)
    {

        if (username == "correctUsername" || password == "correctPassword")
        {
            // user has given correct username/pasword
            Guid currentSessionId = OperationContext.Current.SessionId;

        // note: can throw Exception when calling login twice or more, check if item exists first
            authenticated.Add(currentSessionId);
        }


    }

    public string getdata()
    {
        Guid currentSessionId = OperationContext.Current.SessionId;
        if (List.Contains(currentSessionId)
        {
                return "these are data";
        }

        return String.Empty;
    }
}

You can identify a session by the current session ID. After the user authentication is correct, you can add this session to the list of authenticated sessions.

Mind: This is just some pseudo code. The session ID should be deleted when the session is closed, the list I'm using is not thread safe ... But I hope this helps you in the right direction.