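/// <summary>
/// Handles the login form post: looks the account up by user name, hashes the
/// submitted password, and signs the user in when the hash matches either the
/// stored password hash or the stored temporary-password hash.
/// </summary>
/// <param name="loginUser">Bound login form; must be non-null and pass model validation.</param>
/// <returns>
/// A redirect to Account/UserProfile on success; otherwise the login view, with the
/// same pair of model errors whether the user name or the password was wrong.
/// </returns>
/// <remarks>
/// NOTE(review): getHashedPassword receives only the password, so no per-user salt is
/// visible here. Confirm PasswordHashAndSalt uses a per-user salt and a slow KDF.
/// NOTE(review): TempPassword is accepted without any expiry or single-use check in
/// this method, and no lockout or rate limiting is visible. Confirm both are enforced elsewhere.
/// </remarks>
public async Task<ActionResult> Login(LoginViewModel loginUser)
{
    if (loginUser == null || !ModelState.IsValid)
    {
        return View();
    }

    var matches = await DatabaseContext.RegisteredUsers
        .Find(new BsonDocument { { "Account.UserName", loginUser.UserName } })
        .ToListAsync();

    // Hash on every request, including unknown user names, so both failure paths do
    // the same hashing work. The hash stays in a local; the bound view model is not modified.
    var candidateHash = new PasswordHashAndSalt().getHashedPassword(loginUser.Password);

    var account = matches.Count > 0 ? matches[0].Account : null;

    // Non-short-circuit '|' is deliberate: both stored hashes are always compared, so
    // the time taken does not reveal which credential (if any) matched.
    bool authenticated =
        account != null
        && string.Equals(account.UserName, loginUser.UserName, StringComparison.Ordinal)
        && (FixedTimeHashEquals(account.Password, candidateHash)
            | FixedTimeHashEquals(account.TempPassword, candidateHash));

    if (!authenticated)
    {
        // One generic message pair for every failure, so the response does not
        // disclose whether the user name exists.
        ModelState.AddModelError("UserName", "Please make sure you entered the correct username.");
        ModelState.AddModelError("Password", "Please make sure you entered the correct password.");
        return View();
    }

    var identity = new UserAuthentication().AuthenticateUser(account.UserName);
    var signInProperties = new AuthenticationProperties
    {
        IsPersistent = false,
        ExpiresUtc = DateTime.UtcNow + TimeSpan.FromMinutes(15)
    };
    HttpContext.GetOwinContext().Authentication.SignIn(signInProperties, identity);

    return RedirectToAction("UserProfile", "Account");
}

/// <summary>
/// Ordinal comparison of two hash strings that does not stop at the first differing
/// character. A null or empty value on either side never matches, so an account with
/// no stored hash cannot be authenticated and cannot cause a NullReferenceException.
/// </summary>
/// <remarks>
/// Where the target runtime provides CryptographicOperations.FixedTimeEquals, prefer it
/// over this helper.
/// </remarks>
private static bool FixedTimeHashEquals(string storedHash, string candidateHash)
{
    if (string.IsNullOrEmpty(storedHash) || string.IsNullOrEmpty(candidateHash))
    {
        return false;
    }

    // A length mismatch is folded into the accumulator rather than returned early.
    int difference = storedHash.Length ^ candidateHash.Length;
    int shared = Math.Min(storedHash.Length, candidateHash.Length);
    for (int i = 0; i < shared; i++)
    {
        difference |= storedHash[i] ^ candidateHash[i];
    }

    return difference == 0;
}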