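/// <summary>
/// Checks the supplied credentials against the stored bcrypt hash and, on success,
/// associates the user with the supplied session id through <c>SetupSession</c>.
/// </summary>
/// <param name="request">Login data: email, password and the caller's session id.</param>
/// <returns>
/// A <c>LoginResponse</c> whose <c>Success</c> flag reports the outcome. Every failure
/// carries the same message, so the response text does not reveal whether the email exists.
/// </returns>
public async Task<LoginResponse> Login(LoginRequest request)
{
    const string failureMessage = "Email or password is incorrect";

    // Missing input is an ordinary failed login rather than an exception from the
    // query or from the bcrypt call further down.
    if (request == null || string.IsNullOrEmpty(request.Email) || request.Password == null)
    {
        return new LoginResponse { Success = false, Message = failureMessage };
    }

    var user = await _db.Users.FirstOrDefaultAsync(u => u.Email == request.Email);
    if (user == null)
    {
        // Spend one bcrypt computation for unknown accounts as well. Returning here
        // immediately would make "no such email" measurably faster than "wrong password"
        // and undo the point of the shared failure message.
        // NOTE(review): GenerateSalt() uses the library's default work factor; pass the
        // factor used for stored hashes if it differs.
        BCrypt.Net.BCrypt.HashPassword(request.Password, BCrypt.Net.BCrypt.GenerateSalt());
        return new LoginResponse { Success = false, Message = failureMessage };
    }

    // NOTE(review): bcrypt output normally embeds its salt, so BCrypt.Net.BCrypt.Verify
    // may be able to replace the separate Salt column; confirm the stored format first.
    var providedPassword = BCrypt.Net.BCrypt.HashPassword(request.Password, user.Salt);
    var storedPassword = user.Password ?? string.Empty;

    // Compare without stopping at the first differing character, so the time taken
    // does not depend on how much of the hash matched.
    var difference = providedPassword.Length ^ storedPassword.Length;
    for (var i = 0; i < providedPassword.Length && i < storedPassword.Length; i++)
    {
        difference |= providedPassword[i] ^ storedPassword[i];
    }

    if (difference != 0)
    {
        return new LoginResponse { Success = false, Message = failureMessage };
    }

    // NOTE(review): the session id comes from the caller. If it was issued before
    // authentication, confirm it is rotated at login so a pre-login id is not promoted
    // to an authenticated one.
    await SetupSession(user.Id, request.SessionId);
    return new LoginResponse { Success = true, Message = "Login successful" };
}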
/// <summary>
/// Handles a login submission: stamps the request with the current session id,
/// delegates credential checking to the login service, and either redirects to the
/// site root or re-renders the form with a generic error message.
/// </summary>
/// <param name="request">The bound login form; its <c>SessionId</c> is overwritten here.</param>
/// <returns>A redirect to "/" on success, otherwise the login view with only the email kept.</returns>
public async Task<ActionResult> Index(LoginRequest request)
{
    // The server-side value replaces whatever SessionId arrived with the bound request.
    // NOTE(review): this is the id of the session that existed before authentication;
    // confirm the identifier is rotated once login succeeds.
    request.SessionId = Session.SessionID;

    var outcome = await _service.Login(request);
    if (outcome.Success)
    {
        return Redirect("/");
    }

    // The password is deliberately not echoed back; only the email is kept for the retry.
    // NOTE(review): no HTTP-verb or anti-forgery attribute is visible from here; confirm
    // they are applied where this action is declared.
    ViewBag.Message = "Incorrect email or password";
    var retryModel = new LoginRequest { Email = request.Email };
    return View(retryModel);
}