public string Login(string email, string password)
{
if (Session["user"] != null)
{
return("#Error: Could not log in.");
}
using (var db = new AuctionHouseDB())
{
try
{
User user = db.FindUserByEmailAndPassword(email, password, out var isAdmin);
if (user == null)
{
return("#Error: Invalid email/password.");
}
Session["user"] = user;
Session["isAdmin"] = isAdmin;
return("Successfully logged in.");
}
catch (Exception ex)
{
log.Error(ex.Message, ex);
return("#Error: Unknown error occured.");
}
}
}
