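/// <summary>
/// Handles a login submission: verifies the supplied credentials and, when they are
/// accepted, loads the matching user into the credential-holding service.
/// </summary>
/// <param name="viewmodel">View model carrying the submitted username and password.</param>
/// <returns>A redirect to the "Index" action, whether or not authentication succeeded.</returns>
public IActionResult Login(BaseViewModel viewmodel)
{
    // NOTE(review): any attributes on this action are outside this listing; confirm it is
    // POST-only and covered by anti-forgery validation, since it accepts a password.
    var authenticated = _userService.AuthenticateLogin(viewmodel.Layout_Username, viewmodel.Layout_Password);
    if (authenticated)
    {
        IUser user;
        _context.UserRepository.GetUserIfExists(viewmodel.Layout_Username, out user);

        // This lookup is a separate query from the authentication check, so the account may
        // no longer be found. Never establish credentials from a missing user.
        if (user != null)
        {
            _credentialHoldingService.PopulateService(user);
        }
    }

    // The redirect target is the same on success and failure, so the response itself does
    // not reveal the outcome. No failure message is surfaced from this action.
    return RedirectToAction("Index");
}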
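/// <summary>
/// Verifies a username/password pair against the stored salted hash and, on success,
/// loads the user into the credential service.
/// </summary>
/// <param name="username">Login name to look up.</param>
/// <param name="password">Submitted password; the user's stored salt is appended before hashing.</param>
/// <param name="errormsg">Empty string on success; otherwise a message describing the failure.</param>
/// <returns><c>true</c> when the computed hash matches the stored one; otherwise <c>false</c>.</returns>
public bool AuthenticateLogin(string username, string password, out string errormsg)
{
    // One message for "unknown user" and "wrong password": distinct texts would let a caller
    // learn which usernames are registered.
    const string invalidCredentials = "Username or password incorrect.";

    try
    {
        if (!_context.Users.Any(r => r.Username == username))
        {
            // NOTE(review): this path returns before any hashing, so response time can still
            // differ from the wrong-password path. Consider equalising the work done.
            errormsg = invalidCredentials;
            return false;
        }
    }
    catch
    {
        // Any exception from the lookup is reported as a connectivity problem.
        // NOTE(review): the exception is discarded here; log it server-side so outages and
        // unexpected failures are visible to operators.
        errormsg = "Could not connect to database.";
        return false;
    }

    // FirstOrDefault rather than First: the row can disappear between the existence check
    // and this query, and that case must fail closed instead of throwing.
    var user = _context.Users.FirstOrDefault(r => r.Username == username);
    if (user == null)
    {
        errormsg = invalidCredentials;
        return false;
    }

    // NOTE(review): _crypto.Hash is not shown. If it is a single fast digest over
    // password + salt, move to a password KDF (PBKDF2, Argon2) with a work factor.
    var saltedPassword = password + user.Salt;
    var hash = _crypto.Hash(saltedPassword);

    // NOTE(review): != is not a constant-time comparison. Once the types are confirmed,
    // consider CryptographicOperations.FixedTimeEquals over the hash bytes.
    if (hash != user.Password)
    {
        // NOTE(review): no attempt counting, lockout or audit logging is visible in this
        // method; confirm failed logins are throttled and recorded elsewhere.
        errormsg = invalidCredentials;
        return false;
    }

    // Logged in
    _creds.PopulateService(user);
    errormsg = "";
    return true;
}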