public IActionResult Login(BaseViewModel viewmodel)
{
var authenticated = _userService.AuthenticateLogin(viewmodel.Layout_Username, viewmodel.Layout_Password);
if (authenticated)
{
IUser user;
_context.UserRepository.GetUserIfExists(viewmodel.Layout_Username, out user);
_credentialHoldingService.PopulateService(user);
}
return(RedirectToAction("Index"));
}
public bool AuthenticateLogin(string username, string password, out string errormsg)
{
try
{
if (!_context.Users.Any(r => r.Username == username))
{
errormsg = "Username does not exist.";
return(false);
}
}
catch
{
errormsg = "Could not connect to database.";
return(false);
}
var user = _context.Users.First(r => r.Username == username);
var saltedPassword = password + user.Salt;
var hash = _crypto.Hash(saltedPassword);
if (hash != user.Password)
{
errormsg = "Username or password incorrect.";
return(false);
}
// Logged in
_creds.PopulateService(user);
errormsg = "";
return(true);
}