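/// <summary>
/// Handles a login form post: looks the account up by email, verifies the
/// submitted password against the stored hash and, on success, stores the
/// account id in the session and redirects to the "Show" action.
/// </summary>
/// <param name="user">The bound login form (email and password).</param>
/// <returns>
/// A redirect to "Show" on success; otherwise the default view with a
/// generic "Invalid email/password" model error.
/// </returns>
public IActionResult Login(ReturningUser user)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // SECURITY: the email comes straight from the request and was previously
    // interpolated into the SQL text unescaped, which allowed SQL injection.
    // The only connector call visible here takes a raw SQL string, so the
    // value is escaped for a single-quoted literal: backslashes first, then
    // quotes. This is a stopgap.
    // TODO(review): switch to a parameterized query if _dbConnector (or the
    // underlying driver) offers one; escaping rules differ between databases
    // and connection character sets.
    var safeEmail = (user.email ?? string.Empty)
        .Replace("\\", "\\\\")
        .Replace("'", "''");
    var emailQuery = $"Select * from users where email='{safeEmail}'";
    var result = _dbConnector.Query(emailQuery).FirstOrDefault();

    // The same message is used for "no such account" and "wrong password"
    // so the response text does not reveal which emails are registered.
    if (result == null)
    {
        ModelState.AddModelError("email", "Invalid email/password");
        return View();
    }

    var hasher = new PasswordHasher<ReturningUser>();
    var pw = result["password"].ToString();
    if (hasher.VerifyHashedPassword(user, pw, user.password) == PasswordVerificationResult.Failed)
    {
        ModelState.AddModelError("email", "Invalid email/password");
        return View();
    }

    // Credentials verified: remember the account id for later requests.
    HttpContext.Session.SetInt32("id", (int)result["id"]);
    return RedirectToAction("Show");
}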
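/// <summary>
/// Handles a login form post: finds the user by email through the EF
/// context, verifies the submitted password against the stored hash and,
/// on success, stores the user id in the session and redirects to
/// Home/Index.
/// </summary>
/// <param name="userSubmission">The bound login form (Email and Password).</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the "Login" view with a
/// generic model error.
/// </returns>
public IActionResult LoginUser(ReturningUser userSubmission)
{
    if (!ModelState.IsValid)
    {
        return View("Login");
    }

    // LINQ lookup: the email is passed as a value, not spliced into SQL text.
    User userInDb = dbContext.Users.FirstOrDefault(u => u.Email == userSubmission.Email);

    // SECURITY: the two failure paths used to report "No user with that
    // email" and "Incorrect password" under different keys, which let a
    // caller enumerate registered addresses. Both now produce the same
    // key and message.
    // NOTE(review): the unknown-email path still skips hash verification,
    // so response timing may differ between the two cases; confirm whether
    // that matters for this application.
    if (userInDb == null)
    {
        ModelState.AddModelError("Email", "Invalid email/password");
        return View("Login");
    }

    var hasher = new PasswordHasher<ReturningUser>();
    var result = hasher.VerifyHashedPassword(userSubmission, userInDb.Password, userSubmission.Password);

    // Compare against the named enum member rather than the literal 0.
    if (result == PasswordVerificationResult.Failed)
    {
        ModelState.AddModelError("Email", "Invalid email/password");
        return View("Login");
    }

    // Credentials verified: remember the user id for later requests.
    HttpContext.Session.SetInt32("id", userInDb.UserId);
    return RedirectToAction("Index", "Home");
}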