public string Login(string email, string password) { if (Session["user"] != null) { return("#Error: Could not log in."); } using (var db = new AuctionHouseDB()) { try { User user = db.FindUserByEmailAndPassword(email, password, out var isAdmin); if (user == null) { return("#Error: Invalid email/password."); } Session["user"] = user; Session["isAdmin"] = isAdmin; return("Successfully logged in."); } catch (Exception ex) { log.Error(ex.Message, ex); return("#Error: Unknown error occured."); } } }