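/// <summary>
/// Creates an account by executing the <c>spAccountCreate</c> stored procedure.
/// </summary>
/// <param name="value">
/// Account to create. <c>name</c> and <c>email</c> are sent as given; <c>hash</c> is passed
/// through <c>PasswordHash.CreateHash</c> before it is sent. On return, <c>id</c> is set from
/// the procedure's <c>accountId</c> output parameter.
/// </param>
/// <param name="code">Receives the procedure's <c>code</c> output parameter.</param>
/// <exception cref="ArgumentNullException"><paramref name="value"/> is null.</exception>
public static void Insert(Account value, out Guid code) {
            if (value == null) {
                throw new ArgumentNullException("value");
            }

            // Both the connection and the command are IDisposable; the original left the
            // command undisposed. Disposing the connection also closes it, so no explicit
            // Close() is needed.
            using (SqlConnection cn = new SqlConnection(ConnectionString))
            using (SqlCommand cmd = new SqlCommand("spAccountCreate", cn)) {
                cmd.CommandType = CommandType.StoredProcedure;

                // All caller-supplied values travel as typed parameters, never as SQL text.
                cmd.Parameters.Add("name", SqlDbType.NVarChar, 255).Value = value.name;
                cmd.Parameters.Add("email", SqlDbType.NVarChar, 255).Value = value.email;

                // NOTE(review): value.hash is the *input* to CreateHash, so at this point it
                // presumably holds the plaintext password, and this method never overwrites it.
                // Confirm callers do not log, cache or serialize the Account afterwards.
                // NOTE(review): the parameter is capped at 100 characters; if CreateHash can
                // return a longer string it would be truncated and never validate. Confirm
                // against the PasswordHash output format.
                cmd.Parameters.Add("hash", SqlDbType.NVarChar, 100).Value = PasswordHash.CreateHash(value.hash);

                cmd.Parameters.Add("accountId", SqlDbType.UniqueIdentifier).Direction = ParameterDirection.Output;
                cmd.Parameters.Add("code", SqlDbType.UniqueIdentifier).Direction = ParameterDirection.Output;

                cn.Open();
                cmd.ExecuteNonQuery();

                // These casts throw InvalidCastException if the procedure leaves an output
                // parameter as DBNull.
                value.id = (Guid)cmd.Parameters["accountId"].Value;
                code = (Guid)cmd.Parameters["code"].Value;
            }
        }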
 /// <summary>
 /// Builds a principal around an account, a client id and a session id.
 /// </summary>
 /// <param name="account">Account the principal represents; its <c>email</c> becomes the identity name.</param>
 /// <param name="clientId">Stored in <c>ClientId</c>.</param>
 /// <param name="sessionId">Stored in <c>SessionId</c>.</param>
 public UserPrincipal(Account account, string clientId, Guid sessionId) {
     // The identity is created first, named after the account's email address.
     string identityName = account.email;
     identityValue = new GenericIdentity(identityName);

     Account = account;
     ClientId = clientId;
     SessionId = sessionId;
 }
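        /// <summary>
        /// Looks up the single row in <c>viewAccounts</c> whose email matches and checks the
        /// supplied password against that account's stored hash.
        /// </summary>
        /// <param name="email">Email to look up; a null value is treated as the empty string.</param>
        /// <param name="password">Password to check with <c>PasswordHash.ValidatePassword</c>.</param>
        /// <returns>
        /// The matching account when exactly one row is found and the password validates;
        /// otherwise <c>null</c>.
        /// </returns>
        public static Account Authenticate(string email, string password) {
            // The email comes from the login request and must never be spliced into the SQL
            // text: the previous string.Format version let a quote in the email change the
            // query. It is now bound as a parameter and compared only as data.
            const string query = "SELECT * FROM viewAccounts WHERE email = @email";

            using (SqlDataAdapter da = new SqlDataAdapter(query, ConnectionString)) {
                // No explicit size: a fixed length would silently truncate an over-long input
                // before comparison. Null maps to "" to keep the old string.Format behaviour.
                da.SelectCommand.Parameters.Add("@email", SqlDbType.NVarChar).Value = email ?? string.Empty;

                DataTable dt = new DataTable();

                // Exactly one row is required; zero or several rows both fail the login.
                if (da.Fill(dt) == 1) {
                    Account account = new Account(dt.Rows[0]);
                    if (PasswordHash.ValidatePassword(password, account.hash)) {
                        // NOTE(review): the returned Account still carries the stored hash;
                        // confirm it is not serialized to clients or written to logs.
                        return account;
                    }
                }
            }

            // NOTE(review): an unknown email returns without any hash verification, so response
            // time may differ from a wrong-password attempt. Confirm whether account enumeration
            // by timing is a concern for this endpoint.
            return null;
        }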