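/// <summary>
/// Authenticates the posted credentials and, on success, stores the user's id in the
/// session under "UserID" and redirects to the Resume controller's Index action.
/// </summary>
/// <param name="loginData">Posted login form values; UserName and Password are read.</param>
/// <returns>
/// A redirect to Resume/Index on success; otherwise the login view re-rendered with
/// <paramref name="loginData"/> and a model-level error message.
/// </returns>
/// <remarks>
/// An unknown user name and a wrong password produce the same message, so the response
/// text does not disclose which accounts exist.
/// </remarks>
public ActionResult Login(LoginDetailsViewModel loginData)
{
    // One message for every credential failure; distinct "no such user" and
    // "wrong password" texts let a client enumerate valid user names.
    const string invalidCredentialsMessage = "Invalid Username or Password.";

    if (!ModelState.IsValid)
    {
        ModelState.AddModelError("", invalidCredentialsMessage);
        return View(loginData);
    }

    try
    {
        // Dispose the context when the request is done instead of leaving it to the GC.
        // Presumably ResumeBuilderDBContext is an Entity Framework DbContext (IDisposable) - confirm.
        using (var dbContext = new ResumeBuilderDBContext())
        {
            // Single lookup: the record is needed anyway, so a separate Any() query is redundant.
            var userLoginDetails = dbContext.Logins.FirstOrDefault(m => m.Username == loginData.UserName);
            if (userLoginDetails == null)
            {
                // NOTE(review): this path skips the hash computation, so response timing can
                // still differ from the wrong-password path.
                ModelState.AddModelError("", invalidCredentialsMessage);
                return View(loginData);
            }

            // NOTE(review): a single salted HMAC-SHA256 is cheap to brute-force offline if the
            // Logins table leaks. Moving to a slow KDF (e.g. PBKDF2) needs a migration of the
            // stored values, so it is not changed here.
            var saltBytes = Encoding.UTF8.GetBytes(userLoginDetails.Salt);
            byte[] enteredPasswordBytes = PasswordSecurity.ComputeHMAC_SHA256(
                Encoding.UTF8.GetBytes(loginData.Password), saltBytes);
            byte[] savedPasswordBytes = Encoding.UTF8.GetBytes(userLoginDetails.Password);

            // NOTE(review): confirm that PasswordSecurity.MatchSHA compares in constant time and
            // that the stored Password encoding matches what ComputeHMAC_SHA256 returns.
            if (!PasswordSecurity.MatchSHA(savedPasswordBytes, enteredPasswordBytes))
            {
                ModelState.AddModelError("", invalidCredentialsMessage);
                return View(loginData);
            }

            // Only an empty session may be bound to a user.
            if (Session.Count != 0)
            {
                ModelState.AddModelError("", "Session already exists. Try Again.");
                return View(loginData);
            }

            // NOTE(review): the session identifier issued before authentication is reused here;
            // consider issuing a fresh session id at login to rule out session fixation.
            Session["UserID"] = userLoginDetails.UserID;
            return RedirectToAction("Index", "Resume");
        }
    }
    catch (Exception ex)
    {
        // Record the failure server-side (no credentials are written); the user sees only
        // a generic message.
        System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", ex);
        ModelState.AddModelError("", "Oops!!! Something went wrong. Try Again.");
        return View(loginData);
    }
}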