Can't login to my mvc site after publishing it to a Web hosting service

Question

I have a asp.net MVC website that I've recently published on a web hosting service. Almost everything works great, the information that I get from my msSQL db is shown on the pages etc etc. But there's one problem. When I try to log in to my website, it won't work. Before I explain any further, you'll have to take a look at the following code which is how I authenticate a user login:

public ActionResult Login()
{
    return View();
}

[HttpPost, ValidateAntiForgeryToken]
public ActionResult Login(LoginModel model)
{
    if (ModelState.IsValid)
    {

        if (Repository.AuthenticateLogin(model.Username, model.Password.GetHashCode().ToString()))
        {
            FormsAuthentication.SetAuthCookie(model.Username, false);
            return RedirectToAction("Index", "Home");
        }
        else
        {
            TempData["WrongLogin"] = "The username or password you've entered is wrong. Please try again!";
            return View(model);
        }
    }
    else
    {
        return View(model);
    }
}

And the method "AuthenticateLogin(string username, string password) that is used in the if-statement above looks like this:

public static bool AuthenticateLogin(string username, string password)
    {
        using (var context = new SHultEntities())
        {
            return (from u in context.User
                    where u.Username == username && u.Password == password
                    select u).Any();
        }
    }

Now, as you can see, to authenticate a user, I am checking the entered username and password against any user in the database's user-table. If there is a match, the method returns "true", or else it returns "false". Yeah, you get it.

Well, the problem is, when I try to log in on my site I get the TempData["WrongLogin"] text, which means my AuthenticateLogin method must've returned false, which means that there must not have been any matches. But when I try this on my local project on my computer, with the same username and password, the AuthenticateLogin returns true.

If the problem was the connection to the database, the headers and contents that I retrieve from my database would not appear on the site. But it does. Also, when I update something from my local project and then go on my website, the updated information appears. So, the only problem is that I can't log in.

This is driving me crazy and I would really appreciate some help.

EDIT: Could be worth mentioning that I have to log in to my website to edit any content/information. That's why I mentioned that I can log in and change from my local project, and then the changes appear on the website.

FOUND PROBLEM: I tried creating a user with a non-hashed password and deleted the .GetHashCode.ToString() from the AuthenticateLogin on the password. Then i re-published. It works. The problem is the hashing.

How can I solve this? I need hashed passwords in the db...

Answer 1

How did you seed the username and password in your database? If the implementation of password.GetHashCode() is machine specific (ie relies on a machine specific salt) then this could be why it cannot match against any users. On the other hand if the users were created via the remote (hosted) environment, this should not be a problem.

Answer 2

The problem was caused by my hashing. Apprenatly, two strings that looks exactly the same can produce different values when hashed, with standard framework implementation of .GetHashCode() , on different machines (even though the machines are using the same version of the framework).

For more information, click here!

I Solved my problem by using a customized Hashing-class.