public User AuthenticateUser(string userName, string password, UserType type)
{
using (SqlConnection conn = new SqlConnection(_connectionString))
{
conn.Open();
using (SqlCommand comm = conn.CreateCommand())
{
comm.CommandType = System.Data.CommandType.StoredProcedure;
comm.CommandText = "[AuthenticateUser]";
comm.Parameters.AddRange(new[]
{
new SqlParameter("@name", userName),
new SqlParameter("@password", password),
new SqlParameter("@type", (int)type),
});
using (SqlDataReader dr = comm.ExecuteReader())
{
dr.Read();
User user = null;
if (type == UserType.TenderAttendee)
{
user = new TenderAttendeeUser
{
Id = (int)dr["Id"],
Email = (string)dr["Email"].NullIfDbNull(),
Name = (string)dr["Name"],
Status = (UserStatus)dr["Status"],
};
}
else if (type == UserType.TenderOwner)
{
user = new TenderOwnerUser
{
Id = (int)dr["Id"],
Email = (string)dr["Email"].NullIfDbNull(),
Name = (string)dr["Name"],
Status = (UserStatus)dr["Status"],
};
}
return user;
}
}
}
}
private User CreateTenderAttendee(TenderAttendeeUser user, string password)
{
Guid token = Guid.NewGuid();
using (SqlConnection conn = new SqlConnection(_connectionString))
{
conn.Open();
using (SqlCommand comm = conn.CreateCommand())
{
comm.CommandType = System.Data.CommandType.StoredProcedure;
comm.CommandText = "[CreateUser]";
comm.Parameters.AddRange(new[]
{
new SqlParameter("@type", (int)user.Type),
new SqlParameter("@name", user.Name),
new SqlParameter("@password", password),
new SqlParameter("@email", user.Email),
new SqlParameter("@activationToken", token),
new SqlParameter("@firstName", user.FirstName),
new SqlParameter("@lastName", user.LastName)
});
comm.ExecuteNonQuery();
}
}
IMailer mailer = new Mailer();
mailer.SendMail(new [] { user.Email }, "Potwierdzenie rejestracji", token.ToString());
return AuthenticateUser(user.Name, password, user.Type);
}
