entity framework 4 - How to avoid login with an empty password field in ASP.NET MVC 5? -

i'm working on asp.net mvc 5 project have created customized login , registration page. application working fine, problem able login when password field empty.

here code controller(i used namespaces , reference correctly)

public class usercontroller : controller {     //     // get: /register/     public actionresult index()     {         return view();     }      [httpget]     public actionresult login()     {         return view();     }      [httppost]     public actionresult login(models.register userr)     {         if (isvalid(userr.email_id, userr.password))         {             formsauthentication.setauthcookie(userr.email_id, false);             return redirecttoaction("index", "home");         }         else         {             modelstate.addmodelerror("", "login details wrong.");         }          return view(userr);     }      [httpget]     public actionresult register()     {         return view();     }      [httppost]     public actionresult register(models.register user)     {         try         {             if (modelstate.isvalid)             {                 using (var db = new mvcapplication2.models.onlineeducationentities())                 {                      var newuser = db.registers.create();                     newuser.email_id = user.email_id;                     newuser.password = user.password;                     newuser.student_name = user.student_name;                     newuser.dob= datetime.now;                      db.registers.add(newuser);                     db.savechanges();                     return redirecttoaction("login", "user");                 }             }             else             {                 modelstate.addmodelerror("", "data not correct");             }         }         catch (dbentityvalidationexception e)         {             foreach (var eve in e.entityvalidationerrors)             {                 console.writeline("entity of type \"{0}\" in state \"{1}\" has following validation errors:",                     eve.entry.entity.gettype().name, eve.entry.state);                  foreach (var ve in eve.validationerrors)                 {                     console.writeline("- property: \"{0}\", error: \"{1}\"",                         ve.propertyname, ve.errormessage);                 }             }              throw;         }          return view();     }      public actionresult logout()     {         formsauthentication.signout();         return redirecttoaction("login", "user");     }      private bool isvalid(string email, string password)     {         var crypto = new simplecrypto.pbkdf2();         bool isvalid = false;          using (var db = new mvcapplication2.models.onlineeducationentities())         {             var user = db.registers.firstordefault(u => u.email_id == email);             if (user != null)             {                 if (user.password == crypto.compute(password, user.password))                 {                     isvalid = true;                 }             }         }          return isvalid;     }    } 

and view:

@model mvcapplication2.models.register @{     viewbag.title = "login";     layout = "~/views/shared/_layout.cshtml"; }  <h2>login</h2>  @using (html.beginform()) {     @html.antiforgerytoken()     @html.validationsummary(true)      <fieldset>         <legend>register</legend>          <div class="editor-label">             @html.labelfor(model => model.email_id)         </div>         <div class="editor-field">             @html.editorfor(model => model.email_id)             @html.validationmessagefor(model => model.email_id)         </div>          <div class="editor-label">             @html.labelfor(model => model.password)         </div>         <div class="editor-field">             @html.editorfor(model => model.password)             @html.validationmessagefor(model => model.password)         </div>          <p>             <input type="submit" value="login" />         </p>     </fieldset> }  < div>         @html.actionlink("register now", "register")     </div>      @section scripts {         @scripts.render("~/bundles/jqueryval")     } 

add check isvalid method:

private bool isvalid(string email, string password) {     if (string.isnullorwhitespace(password) || password.length < 6)         return false;      //... etc. 

the problem is, since not using modelstate.isvalid, you'll need alternative. isvalid method seems alternative.