From bb4cecee2e23d497ae94945c5f0d80266400168f Mon Sep 17 00:00:00 2001
From: jvyden <jvyden@jvyden.xyz>
Date: Sat, 20 Nov 2021 00:13:11 -0500
Subject: [PATCH] Actually verify the password on login

---
 ProjectLighthouse/Pages/ExternalAuth/LoginForm.cshtml.cs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ProjectLighthouse/Pages/ExternalAuth/LoginForm.cshtml.cs b/ProjectLighthouse/Pages/ExternalAuth/LoginForm.cshtml.cs
index 1e49ab0f..c49355ce 100644
--- a/ProjectLighthouse/Pages/ExternalAuth/LoginForm.cshtml.cs
+++ b/ProjectLighthouse/Pages/ExternalAuth/LoginForm.cshtml.cs
@@ -30,6 +30,8 @@ namespace LBPUnion.ProjectLighthouse.Pages.ExternalAuth
                 User? user = await this.database.Users.FirstOrDefaultAsync(u => u.Username == username);
                 if (user == null) return this.StatusCode(403, "");
 
+                if (!BCrypt.Net.BCrypt.Verify(password, user.Password)) return this.StatusCode(403, "");
+
                 Console.WriteLine(user.UserId);
             }