Example #1
0
        //authentication method.
        public Employee AuthenticateEmployee(string employeename, string password)
        {
            Employee employee      = null;
            bool     isNewEmployee = (password == "newuser");

            //Step one is to hash password
            password = hashSHA256(password);


            //call methods from data access layer
            try
            {
                //does user exsist
                if (1 == EmployeeAccessor.VerifyEmployeeNameAndPassword(employeename, password))
                {
                    //if found create an employee object
                    employee = EmployeeAccessor.GetEmployeeByEmail(employeename);

                    if (isNewEmployee == true)
                    {
                        //first clear roles so that employees have enforced access to info
                        employee.Roles.Clear();
                        //then for new employees , added to new employee role.
                        employee.Roles.Add("Welcome New Employee.");
                    }
                }
                else
                {
                    throw new ApplicationException("Login Credentials Invalid, try again.");
                }
            }
            catch (Exception ex)
            {
                throw new ApplicationException("Employee Not Found");
            }
            return(employee);
        }