        /// <summary>
        /// Looks up an employee row by username and returns it together with the
        /// stored password hash and salt.
        /// </summary>
        /// <remarks>
        /// The username is never concatenated into the SQL text; it is handed to
        /// <c>ExecuteReader</c> as the <c>@username</c> entry of the parameter
        /// dictionary (presumably bound as a SQL parameter; <c>ExecuteReader</c>
        /// is not shown here, confirm).
        /// The returned model carries credential material (hash and salt). Keep it
        /// inside the password-verification path; it should not be logged,
        /// serialized or passed on to presentation code.
        /// </remarks>
        /// <param name="username">Value matched against <c>Employees.Username</c>.</param>
        /// <returns>
        /// A model built from the first row returned, or <c>null</c> when the query
        /// yields no row.
        /// </returns>
        public EmployeeWithPasswordModel GetEmployeeWithPasswordByUsername(string username)
        {
            Dictionary<string, object> queryParameters = new Dictionary<string, object>();
            queryParameters.Add("@username", username);

            using (SqlDataReader row = this.ExecuteReader(
                @"SELECT Id,
                          Username,
                          PasswordHash,
                          PasswordSalt
                     FROM Employees
                    WHERE Username = @username",
                queryParameters))
            {
                // Only the first row is ever consumed; any further rows are ignored.
                if (!row.Read())
                {
                    return null;
                }

                // Column ordinals follow the SELECT list: Id, Username, PasswordHash, PasswordSalt.
                return new EmployeeWithPasswordModel(
                    row.GetInt32(0),
                    row.GetString(1),
                    row.GetString(2),
                    row.GetString(3));
            }
        }
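        /// <summary>
        /// Verifies a login attempt: loads the stored credentials for the submitted
        /// username, recomputes the hash of the submitted password with the stored
        /// salt, and returns the employee only when both hashes are equal.
        /// </summary>
        /// <param name="employeeModel">
        /// Submitted login data; its <c>Username</c> and <c>Password</c> are read.
        /// Must not be <c>null</c> (it is dereferenced without a check).
        /// </param>
        /// <returns>
        /// An <see cref="EmployeeModel"/> holding only the id and username on
        /// success; <c>null</c> when the username is unknown or the password does
        /// not match. The hash and salt are not copied into the result.
        /// </returns>
        public EmployeeModel GetEmployee(EmployeeLoginBindingModel employeeModel)
        {
            // NOTE(review): this disposes the repository field when the method exits,
            // so a second call on the same instance would hit a disposed repository
            // unless the field is recreated elsewhere. Confirm the intended lifetime.
            using (this.employeeRepository)
            {
                EmployeeWithPasswordModel employeeWithPassword = this.employeeRepository.GetEmployeeWithPasswordByUsername(employeeModel.Username);
                if (employeeWithPassword == null)
                {
                    // NOTE(review): no hash is computed on this path, so an unknown
                    // username returns faster than a wrong password. If username
                    // enumeration matters here, consider hashing against a dummy salt.
                    return(null);
                }

                string actualPasswordHash = PasswordUtilities.GeneratePasswordHash(employeeModel.Password, employeeWithPassword.PasswordSalt);

                // Compare without short-circuiting on the first differing character,
                // so response time does not reveal how much of the hash matched.
                if (!FixedTimeHashEquals(actualPasswordHash, employeeWithPassword.PasswordHash))
                {
                    return(null);
                }

                EmployeeModel employee = new EmployeeModel(employeeWithPassword.Id, employeeWithPassword.Username);
                return(employee);
            }
        }

        /// <summary>
        /// Ordinal equality of two hash strings that examines every character of the
        /// shorter input regardless of where the first mismatch occurs.
        /// </summary>
        /// <param name="computed">Hash derived from the submitted password.</param>
        /// <param name="stored">Hash loaded from the database.</param>
        /// <returns>
        /// <c>true</c> only when both strings are non-null, have the same length and
        /// the same characters; a <c>null</c> on either side is rejected (fail closed).
        /// </returns>
        private static bool FixedTimeHashEquals(string computed, string stored)
        {
            if (computed == null || stored == null)
            {
                return(false);
            }

            // A length mismatch is folded into the accumulator instead of returning
            // early; only the length, which is not secret for a hash, can leak.
            int difference = computed.Length ^ stored.Length;
            for (int i = 0; i < computed.Length && i < stored.Length; i++)
            {
                difference |= computed[i] ^ stored[i];
            }

            return(difference == 0);
        }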