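/// <summary>
/// Creates a user record by calling the <c>[dbo].[AddUser]</c> stored procedure and
/// returns the populated <c>User</c>.
/// </summary>
/// <param name="userID">Login identifier; also passed to the Cognito helper.</param>
/// <param name="password">Password, forwarded to the procedure exactly as supplied.</param>
/// <param name="email">E-mail address of the new user.</param>
/// <param name="role">Role name stored for the user.</param>
/// <param name="firstname">Optional first name.</param>
/// <param name="lastname">Optional last name.</param>
/// <param name="address">Optional street address.</param>
/// <param name="city">Optional city; trimmed before it is sent.</param>
/// <param name="province">Optional province.</param>
/// <param name="country">Optional country.</param>
/// <returns>
/// The new user, or, when the procedure's <c>@resultOutput</c> is 0, an otherwise empty
/// <c>User</c> whose <c>FirstName</c> is "Duplicated name or email". Callers must check
/// for that sentinel before treating the result as a created account.
/// </returns>
public User AddNewUser(String userID, String password, String email, String role, String firstname = null, String lastname = null, String address = null, String city = null, String province = null, String country = null)
{
    // NOTE(review): the clear-text password is kept on the returned object and sent to the
    // procedure as-is. Whether [dbo].[AddUser] hashes it is not visible here; confirm that
    // it is stored as a salted password hash and not as the value supplied.
    User user = new User
    {
        UserID = userID,
        Password = password,
        Email = email,
        Role = role,
        FirstName = firstname,
        LastName = lastname,
        Address = address,
        City = city,
        Province = province,
        Country = country
    };

    // NOTE(review): the Cognito helper runs before the duplicate check below; nothing in
    // this method undoes its work when the insert is rejected. Confirm that is acceptable.
    user.TheCognitoCredential = LetUsDealWithTheAWSCognitoIDStuff(userID);

    using (SqlConnection conn = new SqlConnection(_connectionString))
    using (SqlCommand cmd = new SqlCommand("[dbo].[AddUser]", conn))
    {
        cmd.CommandType = CommandType.StoredProcedure;

        // A null Value makes ADO.NET omit the parameter so the procedure's default applies;
        // the optional arguments below rely on that.
        cmd.Parameters.Add("@UserID", SqlDbType.NVarChar).Value = userID;
        cmd.Parameters.Add("@Password", SqlDbType.NVarChar).Value = password;
        cmd.Parameters.Add("@UserEmail", SqlDbType.NVarChar).Value = email;
        cmd.Parameters.Add("@UserRole", SqlDbType.NVarChar).Value = role;
        // NOTE(review): "@FirsName" is kept as spelled; confirm it matches the procedure.
        cmd.Parameters.Add("@FirsName", SqlDbType.NVarChar).Value = firstname;
        cmd.Parameters.Add("@LastName", SqlDbType.NVarChar).Value = lastname;
        cmd.Parameters.Add("@Address", SqlDbType.NVarChar).Value = address;
        // Fix: this parameter previously carried role.Trim(), so the role was written into
        // the city column and a null role threw before the insert.
        cmd.Parameters.Add("@City", SqlDbType.NVarChar, 50).Value = city == null ? null : city.Trim();
        cmd.Parameters.Add("@Province", SqlDbType.NVarChar).Value = province;
        cmd.Parameters.Add("@Country", SqlDbType.NVarChar).Value = country;
        // NOTE(review): the Cognito token is persisted next to the user row; confirm the
        // column is access-restricted and that storing the token is actually required.
        cmd.Parameters.Add("@CognitoID", SqlDbType.NVarChar).Value = user.TheCognitoCredential.CognitoID;
        cmd.Parameters.Add("@CognitoToken", SqlDbType.NVarChar).Value = user.TheCognitoCredential.CognitoToken;

        SqlParameter outParam = cmd.Parameters.Add("@resultOutput", SqlDbType.Int);
        outParam.Direction = ParameterDirection.Output;

        conn.Open();
        cmd.ExecuteNonQuery();

        int result = (int)outParam.Value;
        if (result == 0)
        {
            // Rejected by the procedure: hand back a blank user that carries only the
            // message, so none of the submitted data (password included) is echoed.
            user = new User();
            user.FirstName = "Duplicated name or email";
            user.LastName = "";
        }
        // The using blocks dispose the command and close the connection.
    }

    return user;
}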
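/// <summary>
/// Loads every user returned by the <c>[dbo].[GetAllUsers]</c> stored procedure.
/// </summary>
/// <returns>
/// One <c>User</c> per row of the first result set, with ID, e-mail, name and address
/// fields populated. Role and password are not read here.
/// </returns>
public List<User> GetAllUsers()
{
    List<User> users = new List<User>();

    // Fix: fill a table local to this call. The original filled the `_ds` member
    // (presumably a DataSet field; its declaration is not visible here), and Fill appends
    // to an existing table, so rows from earlier calls were returned again.
    DataTable table = new DataTable();

    using (SqlConnection conn = new SqlConnection(_connectionString))
    using (SqlCommand cmd = new SqlCommand("[dbo].[GetAllUsers]", conn))
    using (SqlDataAdapter adapter = new SqlDataAdapter(cmd))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        // Fill opens the closed connection itself and closes it again when done.
        adapter.Fill(table);
    }

    foreach (DataRow row in table.Rows)
    {
        User user = new User();
        // ID and e-mail are cast directly, so a NULL in either column throws.
        user.UserID = (string)row["fldUserID"];
        user.Email = (string)row["fldEmail"];
        user.FirstName = DBNullConverterToString(row["fldFirstName"]);
        user.LastName = DBNullConverterToString(row["fldLastName"]);
        user.City = DBNullConverterToString(row["fldCity"]);
        user.Province = DBNullConverterToString(row["fldProvince"]);
        user.Country = DBNullConverterToString(row["fldCountry"]);
        user.Address = DBNullConverterToString(row["fldAddress"]);
        users.Add(user);
    }

    return users;
}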
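/// <summary>
/// Looks up a user by ID and password through the <c>[dbo].[GetUserInfo]</c> stored
/// procedure.
/// </summary>
/// <param name="userID">Login identifier supplied by the caller.</param>
/// <param name="password">Password, forwarded to the procedure exactly as supplied.</param>
/// <returns>
/// The matching user when the procedure returns exactly one row. Otherwise a placeholder
/// <c>User</c> named "Anonymous User" with <c>Role</c> "AnonymousUser". A failed login
/// therefore still yields a non-null object, so callers must check <c>Role</c> before
/// granting access.
/// </returns>
public User AuthenticateUser(string userID, string password)
{
    // Fix: fill a table local to this call. The original counted rows in the `_ds` member
    // (presumably a DataSet field; its declaration is not visible here). Fill appends to an
    // existing table, so a row left by an earlier successful call could satisfy the
    // "exactly one row" test for a later failed attempt.
    DataTable table = new DataTable();

    using (SqlConnection conn = new SqlConnection(_connectionString))
    using (SqlCommand cmd = new SqlCommand("[dbo].[GetUserInfo]", conn))
    using (SqlDataAdapter adapter = new SqlDataAdapter(cmd))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        // NOTE(review): these are VarChar while AddNewUser writes the same values as
        // NVarChar; confirm the procedure's declared types so non-ASCII input compares as
        // stored.
        cmd.Parameters.Add("@UserID", SqlDbType.VarChar).Value = userID;
        // NOTE(review): the clear-text password goes to the database for comparison. Whether
        // the procedure hashes it is not visible here; confirm it verifies a salted hash.
        cmd.Parameters.Add("@Password", SqlDbType.VarChar).Value = password;

        // Fill opens the closed connection itself and closes it again when done.
        adapter.Fill(table);
    }

    // Anything other than a single match (none, or an ambiguous several) is a failure.
    if (table.Rows.Count != 1)
    {
        User anonymousUser = new User();
        anonymousUser.FirstName = "Anonymous";
        anonymousUser.LastName = "User";
        anonymousUser.Role = "AnonymousUser";
        return anonymousUser;
    }

    DataRow row = table.Rows[0];
    User user = new User();
    // ID and e-mail are cast directly, so a NULL in either column throws.
    user.UserID = (string)row["fldUserID"];
    user.Email = (string)row["fldEmail"];
    user.FirstName = DBNullConverterToString(row["fldFirstName"]);
    user.LastName = DBNullConverterToString(row["fldLastName"]);
    user.City = DBNullConverterToString(row["fldCity"]);
    user.Province = DBNullConverterToString(row["fldProvince"]);
    user.Country = DBNullConverterToString(row["fldCountry"]);
    user.Address = DBNullConverterToString(row["fldAddress"]);
    user.Role = DBNullConverterToString(row["fldRole"]);
    return user;
}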