public ActionResult LogIn(LogInModel logInModel)
{
User dbUser = null;
if (ModelState.IsValid)
{
dbUser = GetContext().User
.FirstOrDefault(u => u.Username == logInModel.Username);
ValidateLogInModel(dbUser, logInModel);
}
if (ModelState.IsValid)
{
Authorize(dbUser);
}
if (Request.IsAjaxRequest())
{
return PartialView("_LogIn");
}
if (ModelState.IsValid)
{
return RedirectToAction(HomeController.IndexAction, HomeController.ControllerName,
new {pageNumber = logInModel.ReturnPageNumber});
}
SaveModelState(ModelState);
return RedirectToAction(LogInAction, new { returnPageNumber = logInModel.ReturnPageNumber });
}
// Verify that user exists and password is right
private void ValidateLogInModel(User dbUser, LogInModel logInModel)
{
if (dbUser == null)
{
ModelState.AddModelError("Username", "This username doesn't exist");
}
else
{
try
{
if (!BCrypt.Net.BCrypt.Verify(logInModel.Password, dbUser.Password))
{
ModelState.AddModelError("Password", "Password is wrong!");
}
}
catch (SaltParseException)
{
ModelState.AddModelError("Password", "Password is wrong!");
}
}
}
