public User SaveUser(string username, string password, int role) { User user = new User(); try { using (SqlConnection connection = new SqlConnection(connectionString)) { byte[] salt = passwordHasher.GenerateRandomSalt(); string hashedPassword = passwordHasher.ComputeHash(password, salt); connection.Open(); SqlCommand command = connection.CreateCommand(); command.CommandText = sql_SaveUser; command.Parameters.AddWithValue("@username", username); command.Parameters.AddWithValue("@password", hashedPassword); command.Parameters.AddWithValue("@salt", Convert.ToBase64String(salt)); command.Parameters.AddWithValue("@role", role); int id = Convert.ToInt32(command.ExecuteScalar()); user.Id = id; user.Username = username; user.Role = role; } } catch (Exception ex) { user = new User(); } return(user); }
public override void Setup() { base.Setup(); PasswordHasher hash = new PasswordHasher(); dao = new UserLoginSqlDao(ConnectionString, new PasswordHasher()); string salt = Convert.ToBase64String(hash.GenerateRandomSalt()); using (SqlConnection connection = new SqlConnection(ConnectionString)) { connection.Open(); SqlCommand cmd = connection.CreateCommand(); cmd.CommandText = @"insert into UserInfo (userName,password,salt) values ('testUser',@password,@salt)"; cmd.Parameters.AddWithValue("@salt", "RrQlUO2CbmowsGDSpRhXZA=="); cmd.Parameters.AddWithValue("@password", "RrQlUO2CbmowsGDSpRhXZPGjRy1BEXkN3fdCrNs4xUJjxNcs"); cmd.ExecuteNonQuery(); } }
public override void Setup() { base.Setup(); PasswordHasher hash = new PasswordHasher(); dao = new UserSqlDAL(ConnectionString, new PasswordHasher()); string salt = Convert.ToBase64String(hash.GenerateRandomSalt()); using (SqlConnection connection = new SqlConnection(ConnectionString)) { connection.Open(); SqlCommand cmd = connection.CreateCommand(); cmd.CommandText = @"insert into Roles (roles_Title,role_Description) values ('Admin','Admin control' ),('Users','Generic User')"; cmd.ExecuteNonQuery(); cmd.CommandText = @"insert into UserLogin (first_Last_Name,userName,userRole,password,salt) values ('Gerg DinkleBerry','gdeckner','Admin',@password,@salt)"; cmd.Parameters.AddWithValue("@salt", "RrQlUO2CbmowsGDSpRhXZA=="); cmd.Parameters.AddWithValue("@password", "RrQlUO2CbmowsGDSpRhXZPGjRy1BEXkN3fdCrNs4xUJjxNcs"); cmd.ExecuteNonQuery(); } }