public ActionResult ProcessLogin(User user) { string email = user.Email; //We search the database for matching record? var db = new wdtentitiesEntities3(); var users = db.Users.ToList(); var u = from x in users where x.Email == user.Email select x; if (u.Count() == 0) { //No matching user ModelState.AddModelError("", "The user login or password provided is incorrect."); return(View("Index")); } else { //we have found the user //compare passwords (hash first) var password = u.First().Password; if (BCrypt.Net.BCrypt.Verify(user.Password, password)) { //success, save username to sessions Session.Add("UserEmail", user.Email); Session.Add("UserID", u.First().UserID); Session.Add("UserFirstName", u.First().FirstName); Session.Add("IsAdmin", u.First().IsAdmin); return(RedirectToAction("Index", "Home"));; } ModelState.AddModelError("", "The user login or password provided is incorrect."); return(View("Index")); } }