/// <summary>
/// Processes a log-in submission. When the model state is valid, looks up the
/// user by username and runs <c>ValidateLogInModel</c>; if the model state is
/// still valid afterwards, calls <c>Authorize</c> for that user.
/// </summary>
/// <param name="logInModel">Submitted credentials plus the page number to return to.</param>
/// <returns>
/// The "_LogIn" partial view for Ajax requests (whether or not validation
/// succeeded); otherwise a redirect to the home index on success, or back to
/// the log-in action with the model state saved on failure.
/// </returns>
// NOTE(review): any action attributes (HTTP verb restriction, anti-forgery
// validation) and any throttling or lockout of repeated failures are not
// visible in this listing. Confirm they are applied elsewhere.
public ActionResult LogIn(LogInModel logInModel)
{
    User account = null;

    if (ModelState.IsValid)
    {
        account = GetContext().User
            .FirstOrDefault(candidate => candidate.Username == logInModel.Username);
        ValidateLogInModel(account, logInModel);
    }

    // Re-read IsValid: ValidateLogInModel may have added errors above.
    if (ModelState.IsValid)
    {
        Authorize(account);
    }

    if (Request.IsAjaxRequest())
    {
        return PartialView("_LogIn");
    }

    if (!ModelState.IsValid)
    {
        // Keep the validation errors available to the log-in action after the redirect.
        SaveModelState(ModelState);
        return RedirectToAction(LogInAction, new { returnPageNumber = logInModel.ReturnPageNumber });
    }

    return RedirectToAction(
        HomeController.IndexAction,
        HomeController.ControllerName,
        new { pageNumber = logInModel.ReturnPageNumber });
}
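/// <summary>
/// Verifies that the user exists and that the supplied password matches the
/// stored bcrypt hash, recording a model error when either check fails.
/// </summary>
/// <param name="dbUser">The user found for the submitted username, or null if none was found.</param>
/// <param name="logInModel">The submitted credentials.</param>
/// <remarks>
/// Every failure path reports the same message under the same model-state key.
/// Distinct "unknown username" and "wrong password" responses would let a
/// caller learn which usernames are registered.
/// </remarks>
private void ValidateLogInModel(User dbUser, LogInModel logInModel)
{
    const string failureKey = "Password";
    const string failureMessage = "Invalid username or password";

    if (dbUser == null)
    {
        // NOTE(review): no bcrypt work is done on this path, so response time
        // can still distinguish unknown usernames from wrong passwords.
        // Equalising it would mean verifying against a fixed dummy hash here.
        ModelState.AddModelError(failureKey, failureMessage);
        return;
    }

    bool passwordMatches;
    try
    {
        passwordMatches = BCrypt.Net.BCrypt.Verify(logInModel.Password, dbUser.Password);
    }
    catch (SaltParseException)
    {
        // The stored value could not be parsed as a bcrypt hash. Treat it as a
        // failed log-in rather than surfacing the parse error to the caller.
        passwordMatches = false;
    }

    if (!passwordMatches)
    {
        ModelState.AddModelError(failureKey, failureMessage);
    }
}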