public IActionResult Login(ReturningUser user)
{
if (ModelState.IsValid)
{
var emailQuery = $"Select * from users where email='{user.email}'";
var result = _dbConnector.Query(emailQuery).FirstOrDefault();
if (result == null)
{
ModelState.AddModelError("email", "Invalid email/password");
}
else
{
var hasher = new PasswordHasher <ReturningUser>();
var pw = result["password"].ToString();
if (hasher.VerifyHashedPassword(user, pw, user.password) == PasswordVerificationResult.Failed)
{
ModelState.AddModelError("email", "Invalid email/password");
}
}
if (ModelState.IsValid)
{
HttpContext.Session.SetInt32("id", (int)result["id"]);
return(RedirectToAction("Show"));
}
}
return(View());
}
public IActionResult LoginUser(ReturningUser userSubmission)
{
if (ModelState.IsValid)
{
User userInDb = dbContext.Users.FirstOrDefault(u => u.Email == userSubmission.Email);
if (userInDb == null)
{
ModelState.AddModelError("Email", "No user with that email");
return(View("Login"));
}
var hasher = new PasswordHasher <ReturningUser>();
var result = hasher.VerifyHashedPassword(userSubmission, userInDb.Password, userSubmission.Password);
if (result == 0)
{
ModelState.AddModelError("Password", "Incorrect password");
return(View("Login"));
}
HttpContext.Session.SetInt32("id", userInDb.UserId);
return(RedirectToAction("Index", "Home"));
}
else
{
return(View("Login"));
}
}
