Beispiel #1
0
        public AuthenticationResult Login(LoginRequest request)
        {
            var salt = "";

            using (var connection = new SqlConnection(_connStr))
                using (var query = new SqlCommand())
                {
                    query.Connection = connection;
                    connection.Open();
                    query.CommandText = "select Salt from Student where IndexNumber = @index";
                    query.Parameters.AddWithValue("index", request.Login);

                    using (var dataReader = query.ExecuteReader())
                    {
                        if (!dataReader.Read())
                        {
                            return(null);
                        }
                        salt = dataReader["Salt"].ToString();
                    }
                    query.CommandText = "select Role from Student where IndexNumber = @index and Password = @password;";
                    query.Parameters.AddWithValue("password", PasswordHandler.CreateHash(request.Password, salt));
                    return(Authenticate(query));
                }
        }
Beispiel #2
0
        public AuthenticationService Login(LoginRequest request)
        {
            using (var connection = new SqlConnection("Data Source = db - mssql; Initial Catalog = s16531; Integrated Security = True"))
                using (var command = new SqlCommand())
                {
                    command.Connection = connection;
                    connection.Open();
                    command.CommandText = "select Salt from Student where IndexNumber = @index;";
                    command.Parameters.AddWithValue("index", request.Login);

                    var salt = "";
                    using (var dataReader = command.ExecuteReader())
                    {
                        if (!dataReader.Read())
                        {
                            return(null);
                        }

                        salt = dataReader["Salt"].ToString();
                    }

                    command.CommandText = "select Role from Student where IndexNumber = @index and Password = @password;";
                    command.Parameters.AddWithValue("password", PasswordHandler.CreateHash(request.Password, salt));
                    return(Authenticate(command));
                }
        }