public IActionResult Login(LoginRegUser postData)
{
LoginUser loginAttempt = postData.LoginUser;
if (ModelState.IsValid)
{
// Verify user exists in DB
User dbUser = db.Users.FirstOrDefault(uemail => uemail.Email == loginAttempt.Email);
if (dbUser == null)
{
ModelState.AddModelError("LoginUser.Email", "Invalid email and password combination");
return(View("Index"));
}
// Check submitted password against db password
PasswordHasher <LoginUser> hasher = new PasswordHasher <LoginUser>();
PasswordVerificationResult result = hasher.VerifyHashedPassword(loginAttempt, dbUser.Password, loginAttempt.Password);
if (result == 0)
{
ModelState.AddModelError("LoginUser.Password", "Invalid email and password combination");
return(View("Index"));
}
// if successful, add user to session and redirect to dashboard
HttpContext.Session.SetInt32("UserId", dbUser.UserId);
return(RedirectToAction("Dashboard", "Home"));
}
return(View("Index"));
}
public IActionResult Register(LoginRegUser postData)
{
User newUser = postData.User;
if (ModelState.IsValid)
{
// Check if email exists in DB
if (db.Users.Any(u => u.Email == newUser.Email))
{
ModelState.AddModelError("User.Email", "This email is already in use.");
return(View("Index"));
}
// Hash incoming user password
PasswordHasher <User> hasher = new PasswordHasher <User>();
newUser.Password = hasher.HashPassword(newUser, newUser.Password);
// Add new user to DB
db.Users.Add(newUser);
db.SaveChanges();
// Add user to session and redirect to Dashboard
HttpContext.Session.SetInt32("UserId", newUser.UserId);
return(RedirectToAction("Dashboard", "Home"));
}
return(View("Index"));
}