public static LoginPO LoginDOToPO(LoginDO from)
{
LoginPO to = new LoginPO();
to.Username = from.Username;
to.Password = from.Password;
return(to);
}
//Method for mapping from PO to DO
public static LoginDO LoginPOtoDO(LoginPO from)
{
//Declaring a new DO object using the WinsDO model
LoginDO to = new LoginDO();
//Mapping all relevant information. from is the pass in, to is the result.
to.Username = from.Username;
to.Password = from.Password;
//sends the data back to the method that called it
return(to);
}
public LoginDO ViewUserByUsername(LoginDO form)
{
SqlConnection connectionToSql = null;
SqlCommand storedProcedure = null;
SqlDataReader reader = null;
LoginDO loginDO = null;
try
{
connectionToSql = new SqlConnection(_connectionString);
storedProcedure = new SqlCommand("USER_LOGIN", connectionToSql);
storedProcedure.CommandType = System.Data.CommandType.StoredProcedure;
storedProcedure.Parameters.AddWithValue("@Username", form.Username);
connectionToSql.Open();
reader = storedProcedure.ExecuteReader();
loginDO = new LoginDO();
if (reader.Read())
{
loginDO.Username = reader["Username"] as string;
loginDO.UserId = (int)reader["UserID"];
loginDO.RoleId = (int)reader["RoleID"];
loginDO.Password = reader["Password"] as string;
}
else
{
loginDO = null;
}
}
catch (Exception ex)
{
Logger.Log("Fatal", ex.TargetSite.ToString(), ex.Message, ex.StackTrace);
throw;
}
finally
{
if (connectionToSql != null)
{
connectionToSql.Close();
connectionToSql.Dispose();
}
}
return(loginDO);
}
//Method for searching the database by username, and returning username, password, roleId, and userId
public LoginDO ValidLogin(string username)
{
//Defining SqlConnection for this method
SqlConnection scon = new SqlConnection(_conn);
//Establishing new list using model LoginDO
LoginDO login = new LoginDO();
//Establishing a new data adapter
SqlDataAdapter adapter = null;
//Establishing a new data table
DataTable table = new DataTable();
//Beginning the processes
try
{
//Defining a variable for the SqlCommand, as well as the stored proc and connection we're using
SqlCommand loginCheck = new SqlCommand("LOGIN_INFO_RETRIEVAL", scon);
//Defining what kind of command our SqlCommand is
loginCheck.CommandType = CommandType.StoredProcedure;
//Adding in all the variables. Format: ("@SqlVariable", C#VariableValue)
loginCheck.Parameters.AddWithValue("@Username", username);
//defining our adapter and what command it uses
adapter = new SqlDataAdapter(loginCheck);
//telling code to use the data table to fill itself
adapter.Fill(table);
//setting our object equal to all information pulled from database by running it through a mapper
login = LoginListMap.RowToItem(table.Rows[0]);
}
//Catch for any errors that may happen
catch (Exception ex)
{
//passing in the exception that was thrown to the errorhandler
ErrorHandlerDAL.ErrorLogger(ex);
}
//finally cleans up any last loose ends
finally
{
//closing SqlConnection
scon.Close();
//disposing of the SqlConnection
scon.Dispose();
}
//Sending all information pulled from the database up to the PL
return(login);
}
public ActionResult Login(LoginPO form)
{
ActionResult response = null;
LoginPO login = new LoginPO();
try
{
//Checks ModelState to be sure info inputted matches the current model
if (ModelState.IsValid)
{
LoginDO dataObject = LoginMapper.LoginPOToDO(form);
LoginDO databaseLogin = _dataAccess.ViewUserByUsername(dataObject);
//Checks whether the inputted password and username are correct, and handles that properly
if (databaseLogin == null || form.Password != databaseLogin.Password)
{
ModelState.AddModelError("Password", "Username or password incorrect, please try again.");
response = View();
}
else if (form.Password == databaseLogin.Password && form.Username == databaseLogin.Username)
{
Session["Username"] = databaseLogin.Username;
Session["UserID"] = databaseLogin.UserId;
Session["RoleID"] = databaseLogin.RoleId;
//keeps user logged in for 5 minutes, after they log in they get sent to home page
Session.Timeout = 5;
response = RedirectToAction("Index", "Home");
}
}
else
{
response = View();
}
}
catch (Exception ex)
{
Logger.Log("Fatal", ex.TargetSite.ToString(), ex.Message, ex.StackTrace);
}
return(response);
}
//Method for assigning data from database values to c# values
public static LoginDO RowToItem(DataRow iSource)
{
//Establishing a object using model LoginDO
LoginDO to = new LoginDO();
//pulling "Value" from SQL, casting it or converting it as necessary, and assigning it to it's c# equivalent
to.UserId = (long)iSource["UserId"];
//pulling "Value" from SQL, casting it or converting it as necessary, and assigning it to it's c# equivalent
to.UserRoleId = (int)iSource["UserRoleId"];
//Checking if SQL value is null or not, and if not, proceeds into the if
if (iSource["Username"] != DBNull.Value)
{
//pulling "Value" from SQL, casting it or converting it as necessary, and assigning it to it's c# equivalent
to.Username = iSource["Username"].ToString();
}
//Checking if SQL value is null or not, and if not, proceeds into the if
if (iSource["Password"] != DBNull.Value)
{
//pulling "Value" from SQL, casting it or converting it as necessary, and assigning it to it's c# equivalent
to.Password = iSource["Password"].ToString();
}
//Return all data to previous method
return(to);
}
//Call to check the credentials of a user in the database for Login
public LoginDO UserLogin(LoginDO userLogin)
{
//Try(catch) to open a connection and access the server database
try
{
using (SqlConnection sqlConnect = new SqlConnection(connectionString))
using (SqlCommand sqlCommand = new SqlCommand("USER_LOGIN", sqlConnect))
{
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlConnect.Open();
sqlCommand.Parameters.AddWithValue("@UserName", userLogin.UserName);
sqlCommand.Parameters.AddWithValue("@Password", userLogin.Password);
using (SqlDataReader dataReader = sqlCommand.ExecuteReader())
{
while (dataReader.Read())
{
userLogin.UserID = (int)dataReader["UserID"];
userLogin.ProfileID = (int)dataReader["ProfileID"];
userLogin.UserName = (string)dataReader["UserName"];
userLogin.JobTitle = (string)dataReader["JobTitle"];
userLogin.RoleName = (string)dataReader["RoleName"];
}
}
}
}
catch (Exception error)
{
Logger Error = new Logger();
Error.logErrors(error);
}
finally { }
return(userLogin);
}
