public async Task <IActionResult> Login(LoginDataModel data)
{
if (string.IsNullOrWhiteSpace(data.Username) || string.IsNullOrWhiteSpace(data.Password))
{
return(this.RedirectToAction("Index", "Home", new { area = "" }));
}
var user = await this.AuthService.Login(data);
if (user == null)
{
return(this.RedirectToAction("Index", "Home", new { area = "" }));
}
string sessionKey = await this.AuthService.CreateNewSession(user.UserId, data.RememberMe);
this.SessionCookieService.SetSessionKey(sessionKey);
return(this.RedirectToAction("Index", "Home"));
}
/// <summary>
/// Signs in the user using login account.
/// </summary>
public async Task <UserPoco> Login(LoginDataModel loginModel)
{
byte[] passwordBytes = Encoding.ASCII.GetBytes(loginModel.Password);
byte[] result;
using (var shaM = SHA512.Create())
{
result = shaM.ComputeHash(passwordBytes);
}
var parametars = new[]
{
new NpgsqlParameter("username", loginModel.Username),
new NpgsqlParameter("password", result)
};
var account = await this.Database.QueryOne <UserPoco>(
"SELECT * FROM users u WHERE u.username=@username AND u.password=@password AND u.is_deleted=false;",
parametars
);
return(account);
}