Returning a variable from a foreach-loop ASP.NET Core 5.0-CodePudding

I'm trying to return a password from a foreach-loop to do some validations, but I can't get the password-variable to return. I keep getting errors. I do this in my controller.

My code:

[HttpPost]
public IActionResult Login(userModel user)
{
    ViewBag.Password = pwd.GetPassword(user);

    string password = "";
    foreach(var pwdR in ViewBag.Password.Rows)
    {
       password = pwdR[1];
    }
    return password; // Here I get this error: CS0029: Cannot implicitly convert type 'string' to 'Microsoft.AspNetCore.Mvc.IActionResult'

    // VALIDATION CODE
    ....................
}

What am I doing wrong?

Thank you!

UPDATE:

[HttpPost]
public IActionResult Login(userModel user)
{
    ScryptEncoder enc = new ScryptEncoder();
    UserModel pwd = new UserModel();
    ViewBag.Password = pwd.GetPassword(user);

    string password = "";
    foreach(var pwdR in ViewBag.Password.Rows)
    {
       password = pwdR[1];
    }
    return password; // Here I get this error: CS0029: Cannot implicitly convert type 'string' to 'Microsoft.AspNetCore.Mvc.IActionResult'

    // VALIDATION CODE
    bool match = enc.Compare(user.pwd, password);

    if (match) 
    {
        ViewBag.Error = "You are now logged in.";
        return View();
    } else
    {
        ViewBag.Error = "Login failed.";
        return View();
    }
}

CodePudding user response：

It is a big performance bug to load all users and to find one you need.

Try this code

[HttpPost]
public IActionResult Login(UserModel user)
{
    ScryptEncoder enc = new ScryptEncoder();

      var userNamePassword= GetUserNamePassword (user) ;

  if(  userNamePassword==null)
    ViewBag.Error = "Login failed. User is not found";
    return View();
}
    // VALIDATION CODE
    bool match = enc.Compare(userNamePassword.Password, password);

    if (match) 
    {
        ViewBag.Error = "You are now logged in.";
        return View();
    } else
    {
        ViewBag.Error = "Login failed.";
        return View();
    }
}

change your model class to this

 public class UserNamePasswordModel
    {
        public string Username { get; set; }

        public string Password { get; set; }

    }

and place this code somewhere near the Login action

private  UserNamePasswordModel GetUserNamePassword (UserModel user)
{

UserNamePasswordModel  userNamePassword= null;

var connectionString = "Server=localhost;Database=xxxx; uid = xxxx;Password=xxxx;";
        
using   (var connection = new MySqlConnection(connectionString))
{
  var command =  new MySqlCommand("SELECT UserName, Password  FROM User WHERE Username = @Username", connection);

command.Parameters.AddWithValue("@Username", user.Username);

        connection.Open();

       var reader = command.ExecuteReader();

        if (reader.HasRows)
        {
           if reader.Read()
            {
             userNamePassword= new UserNamePasswordModel
             {
              Username=  reader.GetString(0),
               Password =   reader.GetString(1)
             };
            }
        }
        
        reader.Close();
    }
}
    return userNamePassword;
       
}

CodePudding user response：

try returning Ok with password in it, something like: return Ok(password);

CodePudding user response：

You should wrap your validation code in another class, something like UserService, then call your validation method into Login method, finally you can return a status code based on your validation result e.g Ok() or Unauthorized()

UPDATE

After your explanation, if I am not wrong, you can try this:

[HttpPost]
public IActionResult Login(userModel user)
{
    ScryptEncoder enc = new ScryptEncoder();
    UserModel pwd = new UserModel();
    ViewBag.Password = pwd.GetPassword(user);

    foreach(var pwdR in ViewBag.Password.Rows)
    {
       if (enc.Compare(user.pwd, pwdR[1])){
       ViewBag.Error = "You are now logged in.";
        return View();
        }
    }
    ViewBag.Error = "Login failed.";
    return View();
    
}